{"id":13538919,"url":"https://github.com/shellphish/fuzzer","last_synced_at":"2025-04-02T05:32:10.677Z","repository":{"id":73189249,"uuid":"66163973","full_name":"shellphish/fuzzer","owner":"shellphish","description":"A Python interface to AFL, allowing for easy injection of testcases and other functionality.","archived":true,"fork":false,"pushed_at":"2019-04-30T21:08:17.000Z","size":144,"stargazers_count":639,"open_issues_count":11,"forks_count":130,"subscribers_count":45,"default_branch":"master","last_synced_at":"2024-11-03T03:32:20.297Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/shellphish.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2016-08-20T19:18:17.000Z","updated_at":"2024-09-24T12:47:58.000Z","dependencies_parsed_at":null,"dependency_job_id":"feb28ac8-4d1a-4949-8ba2-e5a5fd1fab66","html_url":"https://github.com/shellphish/fuzzer","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shellphish%2Ffuzzer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shellphish%2Ffuzzer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shellphish%2Ffuzzer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shellphish%2Ffuzzer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/shellphish","download_url":"https://codeload.github.com/shellphish/fuzzer/tar.gz/refs/heads/master","host":
{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246763809,"owners_count":20829795,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T09:01:17.692Z","updated_at":"2025-04-02T05:32:09.561Z","avatar_url":"https://github.com/shellphish.png","language":"Python","funding_links":[],"categories":["Tools","\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing"],"sub_categories":["File Format Fuzzers","功能","Binary"],"readme":"# Fuzzer\n\nThis module provides a Python wrapper for interacting with AFL (American Fuzzy Lop: http://lcamtuf.coredump.cx/afl/).\nIt supports starting an AFL instance, adding slave workers, injecting and retrieving testcases, and checking various performance metrics.\nShellphish used it in Mechanical Phish (our CRS for the Cyber Grand Challenge) to interact with AFL.\n\n## Installation\n\n/!\\ We recommend installing our Python packages in a Python virtual environment. 
That is how we do it, and you'll likely run into problems if you do it otherwise.\n\nThe fuzzer has some dependencies.\nFirst, here's a probably-incomplete list of Debian packages that might be useful:\n\n    sudo apt-get install build-essential gcc-multilib libtool automake autoconf bison debootstrap debian-archive-keyring libtool-bin\n    sudo apt-get build-dep qemu\n\nThen, the fuzzer also depends on `shellphish-afl`, which is a pip package that actually includes AFL:\n\n    pip install git+https://github.com/shellphish/shellphish-afl\n    \nThat'll pull a ton of other stuff, compile QEMU about 4 times, and set everything up.\nThen, install this fuzzer wrapper:\n\n    pip install git+https://github.com/shellphish/fuzzer\n\n## Usage\n\nThere are two ways of using this package.\nThe easy way is to use the `shellphuzz` script, which allows you to specify various options, enable [driller](https://www.internetsociety.org/sites/default/files/blogs-media/driller-augmenting-fuzzing-through-selective-symbolic-execution.pdf), etc.\nRun the script with `--help` for an explanation of its usage.\n\nA quick example:\n\n```\n# fuzz with 4 AFL cores\nshellphuzz -i -c 4 /path/to/binary\n\n# perform symbolic-assisted fuzzing with 4 AFL cores and 2 symbolic tracing (drilling) cores.\nshellphuzz -i -c 4 -d 2 /path/to/binary\n```\n\nYou can also use it programmatically, but we have no documentation for that.\nFor now, `import fuzzer` or look at the `shellphuzz` script and figure it out ;-)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshellphish%2Ffuzzer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fshellphish%2Ffuzzer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshellphish%2Ffuzzer/lists"}