{"id":43496608,"url":"https://github.com/quarkslab/pastis","last_synced_at":"2026-02-03T10:38:33.967Z","repository":{"id":163222947,"uuid":"612200064","full_name":"quarkslab/pastis","owner":"quarkslab","description":"PASTIS: Collaborative Fuzzing Framework","archived":false,"fork":false,"pushed_at":"2025-10-12T19:44:55.000Z","size":66663,"stargazers_count":162,"open_issues_count":1,"forks_count":10,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-11-13T02:20:59.916Z","etag":null,"topics":["fuzzing","program-analysis","symbolic-execution","vulnerability-research"],"latest_commit_sha":null,"homepage":"https://quarkslab.github.io/pastis","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/quarkslab.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-03-10T12:16:29.000Z","updated_at":"2025-09-09T13:26:10.000Z","dependencies_parsed_at":"2024-06-17T19:43:07.718Z","dependency_job_id":"4c10eda1-790a-466d-9239-e3ef9f38b068","html_url":"https://github.com/quarkslab/pastis","commit_stats":null,"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"purl":"pkg:github/quarkslab/pastis","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quarkslab%2Fpastis","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quarkslab%2Fpastis/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quarkslab%2Fpastis/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quarkslab%2Fpastis/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/quarkslab","download_url":"https://codeload.github.com/quarkslab/pastis/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quarkslab%2Fpastis/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29041862,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-03T10:09:22.136Z","status":"ssl_error","status_checked_at":"2026-02-03T10:09:16.814Z","response_time":96,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fuzzing","program-analysis","symbolic-execution","vulnerability-research"],"created_at":"2026-02-03T10:38:33.378Z","updated_at":"2026-02-03T10:38:33.958Z","avatar_url":"https://github.com/quarkslab.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n\t\u003cimg src=\"https://github.com/quarkslab/pastis/raw/main/doc/figs/logo_pastis.png\"  width=\"100%\"\u003e\n\u003c/p\u003e\n\nThe PASTIS project is a fuzzing framework aiming at combining various software testing techniques\nwithin the same workflow to perform collaborative fuzzing also called ensemble fuzzing.\nAt the moment it supports the following fuzzing engines:\n\n* **Honggfuzz** (greybox fuzzer)\n* **AFL++** (greybox fuzzer)\n* **TritonDSE** (whitebox fuzzer)\n\n\u003cp align=\"center\" style=\"font-size:20px\"\u003e\n  \u003ca href=\"https://quarkslab.github.io/pastis\"\u003e\n    [Documentation]\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/quarkslab/pastis/releases\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/v/release/quarkslab/pastis?logo=github\"\u003e\n  \u003c/a\u003e\n  \u003cimg src=\"https://img.shields.io/github/license/quarkslab/pastis\"/\u003e\n  \u003ca href=\"https://github.com/quarkslab/pastis/releases\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/actions/workflow/status/quarkslab/pastis/doc.yml\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/quarkslab/pastis/releases\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/actions/workflow/status/quarkslab/pastis/release.yml\"\u003e\n  \u003c/a\u003e\n  \u003cimg src=\"https://img.shields.io/github/downloads/quarkslab/pastis/total\"/\u003e\n  \u003cimg src=\"https://img.shields.io/pypi/dm/pastis-framework\"/\u003e\n\n\u003c/p\u003e\n\n---\n\n# Overview\n\n\u003cp align=\"center\" style=\"font-size:20px\"\u003e\n  \u003ca href=\"https://www.youtube.com/watch?v=9uwXciOxtyQ\"\u003e\n    \u003cimg src=\"https://i.ytimg.com/vi/9uwXciOxtyQ/maxresdefault.jpg\" width=\"50%\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003e **Note**\n\u003e The video highlight the use-case driven by SAST alerts. However, the\n\u003e main use-case the standard fuzzing for coverage or bug research.\n\n---\n\n# Quick start\n\n* [Installation](#installation)\n* [Usage](#usage)\n* [Adding a fuzzer](#adding-a-fuzzer)\n\n## Installation\n\nThe PASTIS framework can be installed with:\n\n```bash\npip install pastis-framework\n```\n\nThe pip package will install all dependencies and the tritondse\nengine.\n\n**AFL++**\n\nTo install AFL++ please refer to the official [documentation](https://github.com/AFLplusplus/AFLplusplus#getting-started).\n\n**Honggfuzz (\u003e= v2.6)**\n\nTo install Honggfuzz please refer to the official [documentation](https://github.com/google/honggfuzz#installation).\n\n## Usage\n\nThe main component is the ``broker`` that will serve the appropriate configurations to fuzzing\nengines and that will aggregate results. An example is the following:\n\n```bash\ntar xvf doc/figs/fsm-demo.tar.gz \u0026\u0026 cd fsm-demo\nmake\npastis-broker -b bin -s initial -w output\n```\n\nIt will run the broker using binaries in the *bin* directory. Initial corpus\nis *initial* and the whole output workspace will be save in *output*. By default\nit will listen on the local interface on port 5555.\n\nThen fuzzing engines can be launched to start testing the software.\n\n```commandline\npastis-aflpp online\n```\n\nOr:\n\n```commandline\npastis-tritondse online\n```\n\nFull documentation is available: [here](https://quarkslab.github.io/pastis/campaign.html)\n\n## Adding a Fuzzer\n\nIntegrating a fuzzer requires writing a Python driver using the ``libpastis`` library\ninstalled by the package. It requires implementing some callbacks to receive the initial\nconfiguration and also to receive inputs from the broker. Conversely the API enables\nsending newly generated inputs to the broker.\n\nThe process is further [detailed in the documentation](https://quarkslab.github.io/pastis/adding-fuzzer.html).\n\n\u003e **Note**\n\u003e We warmly welcome any Pull Request to add the support for a new fuzzing engine.\n\n---\n\n## Docker\n\nYou can also run PASTIS using Docker:\n\n```bash\n# Pull from GitHub's registry.\ndocker pull ghcr.io/quarkslab/pastis:latest\n\n# Or build the image.\ndocker build -t pastis .\n\n# And run a container.\ndocker run -v \u003cHOST-WORKSPACE\u003e:/workspace --cap-add=SYS_PTRACE --user $(id -u $USER):$(id -g $USER) -it ghcr.io/quarkslab/pastis # or pastis if you buily the image locally.\n```\n\nTo open another terminal to an already running container:\n\n```bash\ndocker exec -it $(docker ps | grep 'pastis' | awk '{print $1}') /bin/bash\n```\n\nThe PASTIS Docker image has already installed all the needed dependencies such as AFL++ and Honggfuzz.\n\n---\n\n## Papers and conferences\n\n* **PASTIS: A Collaborative Approach to Combine Heterogeneous Software Testing Techniques**\n  **Venue**: SBFT 2023, Melbourne, Australia [:movie_camera:](https://www.youtube.com/watch?v=EF13eiidhA0\u0026t=13295s) [slides](https://sbft23.github.io/share/pastis.pdf)\n  **Authors**: Robin David, Richard Abou Chaaya, Christian Heitman\n\n* **Symbolic Execution the Swiss-Knife of the Reverse Engineer Toolbox**\n  **Venue**: KLEE Workshop, 2022 [:books:](https://srg.doc.ic.ac.uk/klee22/talks/David-Reverse-Engineering.pdf) [:movie_camera:](https://youtu.be/PNbNtTa5Sp4)\n  **Authors**: Robin David, Richard Abou Chaaya, Christian Heitman\n\n* **From source code to crash test-case through software testing automation**\n  **Venue**: European Cyber Week, C\u0026ESAR Workshop, 2021 [paper](https://ceur-ws.org/Vol-3056/paper-02.pdf) [slides](https://github.com/quarkslab/conf-presentations/blob/main-page/C%26ESAR-2021/CESAR-2021_slides_2-2.pdf)\n  **Authors**: Robin David, Jonathan Salwan, Justin Bourroux\n\n## Cite PASTIS\n\n```latex\n@inproceedings{david2023pastis,\n  title={PASTIS: A Collaborative Approach to Combine Heterogeneous Software Testing Techniques},\n  author={David, Robin and Abou Chaaya, Richard and Heitman, Christian},\n  booktitle={2023 IEEE/ACM International Workshop on Search-Based and Fuzz Testing (SBFT)},\n  pages={17--24},\n  year={2023},\n  organization={IEEE}\n}\n```\n\n## Contributors\n\nPASTIS is powered by [Quarkslab](https://quarkslab.com) and initially financed by DGA-MI.\n\n[**All contributions**](https://github.com/quarkslab/pastis/graphs/contributors)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquarkslab%2Fpastis","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fquarkslab%2Fpastis","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquarkslab%2Fpastis/lists"}