{"id":33064447,"url":"https://github.com/vusec/vuzzer","last_synced_at":"2026-03-01T11:35:06.882Z","repository":{"id":50745798,"uuid":"82937434","full_name":"vusec/vuzzer","owner":"vusec","description":null,"archived":false,"fork":false,"pushed_at":"2019-10-28T13:54:14.000Z","size":705,"stargazers_count":377,"open_issues_count":8,"forks_count":108,"subscribers_count":40,"default_branch":"master","last_synced_at":"2024-05-16T12:48:33.304Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vusec.png","metadata":{"files":{"readme":"README-DTracker.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-02-23T14:51:41.000Z","updated_at":"2024-04-10T16:18:04.000Z","dependencies_parsed_at":"2022-09-25T03:50:14.444Z","dependency_job_id":null,"html_url":"https://github.com/vusec/vuzzer","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/vusec/vuzzer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vusec%2Fvuzzer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vusec%2Fvuzzer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vusec%2Fvuzzer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vusec%2Fvuzzer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vusec","download_url":"https://codeload.github.com/vusec/vuzzer/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vusec%2Fvuzzer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":284678558,"owners_count":27045646,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-11-16T02:00:05.974Z","response_time":65,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-11-14T07:00:30.130Z","updated_at":"2025-11-16T08:01:13.255Z","avatar_url":"https://github.com/vusec.png","language":"C","funding_links":[],"categories":["Uncategorized","\u003ca id=\"7b8a493ca344f41887792fcc008573e7\"\u003e\u003c/a\u003eIntelPin"],"sub_categories":["Uncategorized","\u003ca id=\"fe5a6d7f16890542c9e60857706edfde\"\u003e\u003c/a\u003e工具"],"readme":"DataTracker\n===========\n\nAbout\n------\nDataTracker is a tool for collecting high-fidelity data provenance from unmodified Linux programs. It is based on [Intel Pin][pin] _Dynamic Binary Instrumentation_ framework and [libdft][libdft] _Dynamic Taint Analysis_ library. The taint marks supported by the original libdft are of limited size and cannot provide adequate fidelity for use in provenance tracking. For this, DataTracker uses a [modified version][libdft-mod] of the library developed at [VU University Amsterdam][vu-cs].\n\nDataTracker was developed at VU University Amsterdam by Manolis Stamatogiannakis and presented at IPAW14.\nYou can get a [copy of the paper][dtracker-dare] from VU Digital Archive Repository ([VU-DARE][vu-dare]).\nWe also have a [demo on YouTube][ipaw14-demo].\nPresentation slides available upon request.\n\nRequirements\n-------------\nDataTracker runs on 32bit Linux systems. This limitation is imposed by the current version of libdft. However, the methods of both software are not platform-specific. So, in principle, they can be ported on any platform supported by Intel Pin. The requirements for running DataTracker are:\n\n*  A C++11 compiler and unix build utilities (e.g. GNU Make). \n*  A recent (\u003e=2.13) version of Intel Pin. The framework must be present in directory ``pin`` inside the DataTracker top directory.\n*  A suitable version of the [modified libdft][libdft-mod] - typically the latest available. This must be placed in directory ``support/libdft``.\n*  Python 2.7 for converting raw provenance to [PROV][prov] format in [Turtle][turtle] syntax.\n\n\n\nInstallation\n-------------\nAfter cloning DataTracker, follow these steps to compile it.\n\n**Build environment:**\nOn Debian/Ubuntu systems, you should install ``build-essential`` meta-package which will provide a C++ compiler and GNU Make. On other systems, you should either install some equivalent meta-package or install the tools one by one using trial and error.\n\n**Intel Pin:** You can [manually download][pin-dl] a suitable Pin version and extract it in ``pin`` directory. For convenience, a makefile is provided which takes care of this. I.e. it downloads and extracts a suitable Pin version. Invoke it using:\n\n```\nmake -C support -f makefile.pin\n```\n\n**libdft:** The modified libdft is packed as a submodule of DataTracker. You need to disable Git's certificate checking to successfully retrieve it. Because libdft does not use [Pin's makefile infrastructure][pin-makefile] you need to set ``PIN_ROOT`` environment variable before compiling it. E.g.:\n\n```\nexport PIN_ROOT=$(pwd)/pin\nGIT_SSL_NO_VERIFY=true git submodule update --init\nmake support-libdft\n```\n\n**dtracker pin tool**: Finaly compile the pin tool of DataTracker using:\n\n```\nmake\n```\n\nIf all above steps were successfull, ``obj-ia32/dtracker.so`` will be created. This is Pin tool containing all the instrumentation required to capture provenance.\n\n\nRunnning\n---------\n\n### Capturing raw provenance\nTo capture provenance from a program, launch it from the unix shell using something like this:\n\n```\n./pin/pin.sh -follow_execv -t ./obj-ia32/dtracker.so \u003cknobs\u003e -- \u003cprogram\u003e \u003cargs\u003e\n```\n\nThe command runs the program under Pin\nIn addition to the standard Pin knobs, DataTracker additionally supports these tool-specific knobs:\n\n* ```-stdin [1|0]```: Turns tracking of data read from the standard input on or off. Default if off.\n* ```-stdout [1|0]```: Turns logging of provenance of data written to standard output on or off. Default if on.\n* ```-stderr [1|0]```: Turns logging of provenance of data written to standard error on or off. Default if off.\n\nNote that launching large programs using the method above takes a lot of time. For such programs, it is suggested to first launch the program and then attach DataTracker to the running process like this:\n\n```\n./pin/pin.sh -follow_execv -pid \u003cpid\u003e -t ./obj-ia32/dtracker.so \u003cknobs\u003e\n```\n\nThe raw provenance generated by DataTracker is contained in file ``rawprov.out``. Any additional debugging information are written in file ``pintool.log``.\n\n### Converting to PROV\nThe ``raw2ttl.py`` script converts the raw provenance generated by DataTracker to [PROV][prov] format in [Turtle][turtle] syntax. The converter works as a filter. So, a conversion would look like this:\n\n```\npython raw2ttl.py \u003c rawprov.out \u003e prov.ttl\n```\n\n### Visualizing provenance\nFor visualization of the generated provenance, we suggest using [``provconvert``][provconvert] from Luc Moreau's [ProvToolbox][provtoolbox]. It is suggested to use the binary release. \n\nOf course any other PROV-compatible tool can be used, either directly, or via conversion of the Turtle file to a supported syntax.\nIf you were able to produce any good-looking provenance graph, we'd love to incorporate them in these pages.\n\nSample programs\n----------------\nIn this repository also include a few sample programs we used for evaluating the effectiveness of DataTracker. You can find these programs in the ``samples`` directory. To build them, use:\n\n```\nmake -C samples\n```\n\n\u003c!--\nIntegration with SPADE\n-----------------------\n\n```\n\u003cprovenance\u003e ::= \u003cprovenance\u003e \u003celement\u003e | \u003celement\u003e\n\u003celement\u003e ::= \u003cnode\u003e | \u003cdependency\u003e\n\u003cnode\u003e ::= \u003cnode-type\u003e \u003cnode-id\u003e \u003cannotation-list\u003e\n\u003cnode-type\u003e ::= type: \u003cvertex-type\u003e\n\u003cvertex-type\u003e ::= Agent | Process | Artifact\n\u003cnode-id\u003e ::= id: \u003cvertex-id\u003e\n\u003cvertex-id\u003e ::= \u003cunique-identifier\u003e\n\u003cannotation-list\u003e ::= \u003cannotation-list\u003e \u003cannotation\u003e | \u003cannotation\u003e\n\u003cannotation\u003e ::= \u003ckey\u003e : \u003cvalue\u003e\n\u003cdependency\u003e ::= \u003cdependency-type\u003e \u003cstart-node\u003e \u003cend-node\u003e\n\u003cannotation-list\u003e\n\u003cdependency-type\u003e ::= type: \u003cedge-type\u003e\n\u003cedge-type\u003e ::= WasControlledBy | WasGeneratedBy | Used | WasTriggeredBy | WasDerivedFrom\n\u003cstart-node\u003e ::= from: \u003cvertex-id\u003e\n\u003cend-node\u003e ::= to: \u003cvertex-id\u003e\n```\n--\u003e\n\n[pin]: http://software.intel.com/en-us/articles/pin-a-dynamic-binary-instrumentation-tool\n[pin-dl]: http://software.intel.com/en-us/articles/pintool-downloads\n[pin-makefile]: http://software.intel.com/sites/landingpage/pintool/docs/62732/Pin/html/index.html#MAKEFILES\n[libdft]: http://www.cs.columbia.edu/~vpk/research/libdft/\n[libdft-mod]: https://git.cs.vu.nl/r.vermeulen/libdft\n[vu-cs]: http://www.cs.vu.nl/en/\n[turtle]: http://www.w3.org/TeamSubmission/turtle/\n[prov]: http://www.w3.org/TR/2013/NOTE-prov-overview-20130430/\n[provconvert]: https://github.com/lucmoreau/ProvToolbox/wiki/provconvert\n[provtoolbox]: https://github.com/lucmoreau/ProvToolbox/wiki/ProvToolbox-Home\n[ipaw14-demo]: https://www.youtube.com/watch?v=BD0h6M5mVoo\n[vu-dare]: http://dare.ubvu.vu.nl/\n[dtracker-dare]: http://dare.ubvu.vu.nl/handle/1871/51386\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvusec%2Fvuzzer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvusec%2Fvuzzer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvusec%2Fvuzzer/lists"}