Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/hgascon/pulsar
Protocol Learning and Stateful Fuzzing
https://github.com/hgascon/pulsar
fuzzing networking protocol-learning security simulation vulnerability-identification
Last synced: about 2 months ago
JSON representation
Protocol Learning and Stateful Fuzzing
- Host: GitHub
- URL: https://github.com/hgascon/pulsar
- Owner: hgascon
- License: bsd-3-clause
- Created: 2015-04-28T10:58:20.000Z (over 9 years ago)
- Default Branch: master
- Last Pushed: 2022-06-07T15:36:11.000Z (over 2 years ago)
- Last Synced: 2024-08-01T09:24:09.306Z (5 months ago)
- Topics: fuzzing, networking, protocol-learning, security, simulation, vulnerability-identification
- Language: Python
- Homepage:
- Size: 3.19 MB
- Stars: 344
- Watchers: 22
- Forks: 73
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
## PULSAR
### Protocol Learning, Simulation and Stateful Fuzzer
Pulsar is a network fuzzer with automatic protocol learning and simulation capabilites. The tool allows to model a protocol through machine learning techniques, such as clustering, and Markov models. These models can be used to simulate communication between Pulsar and a real client or server thanks to semantically correct messages which, in combination with a series of fuzzing primitives, allow to test the implementation of an unknown protocol for errors in deeper states of its protocol state machine.
For detailed information about the method implemented by Pulsar, you can read the following publications:
**[Pulsar: Stateful Black-Box Fuzzing of Proprietary Network Protocols](http://www.hugogascon.com/publications/2015-securecomm.pdf)**
Hugo Gascon, Christian Wressnegger, Fabian Yamaguchi, Daniel Arp and Konrad Rieck
*Proc. of 11th EAI International Conference on Security and Privacy in Communication Networks (SECURECOMM) October 2015***[Learning Stateful Models for Network Honeypots](http://www.hugogascon.com/publications/2012a-aisec.pdf)**
Tammo Krueger, Hugo Gascon, Nicole Krämer and Konrad Rieck
*ACM Workshop on Security and Artificial Intelligence (AISEC) October 2012*_
_ __ _ _| |___ __ _ _ __
| '_ \| | | | / __|/ _` | '__|
| |_) | |_| | \__ \ (_| | |
| .__/ \__,_|_|___/\__,_|_| v0.1-dev
|_|usage: pulsar.py [-h] [-c CONF] [-l] [-p PCAP] [-b BINARIES] [-a] [-x]
[-o OUT] [-d DIMENSION] [-s] [-z] [-m MODEL]Protocol Learning and Stateful Fuzzing
optional arguments:
-h, --help show this help message and exit
-c CONF, --conf CONF Change default directory for configuration files. If
no directory is given, the files from 'pulsar/conf'
will be read.MODEL LEARNING:
-l, --learner Learn a model from a set of network traces.
-p PCAP, --pcap PCAP tcpdump output file (pcap) or list of files separated
by commas to use as input data for a new model.
-b BINARIES, --binaries BINARIES
Name of binaries to process from the cuckoo storage
dir separated with commas.
-a, --all-binaries Generate models for all binaries from the cuckoo
storage dir (cuckoo/storage/binaries).
-x, --process Process derrick files through the functions defined in
utils/preprocessing/derrick.py.
-o OUT, --out OUT Change output directory for generated models. If no
directory is given, the model will be written to the
'models' directory.
-d DIMENSION, --dimension DIMENSION
Number of components to be used for NMF clustering.SIMULATION & FUZZING:
-s, --simulate Simulate communication based on a given model.
-z, --fuzzer Start a fuzzing session based on a given model.
-m MODEL, --model MODEL
Path of the dir containing the model files to be
loaded for simulation or fuzzing.### Configuration
The directory *pulsar/conf* contains a series of configuration files that define the parameters required for certain operations in each one of the Pulsar methods for automatic learning, simulation and fuzzing.
### Examples
Generate the model of a communication channel from individual PCAP files or the recorded traces of one or more binaries run by cuckoo sandbox:
$> pulsar.py -l -p file.pcap (1 pcap file)
$> pulsar.py -b 016169EBEBF1CEC2AAD6C7F0D0EE9026 (1 or more binaries from cuckoo storage)
$> pulsar.py -a (all binaries from cuckoo storage)Simulate a communication channel based on a learnt model:
$> pulsar.py -s -m model_file
Initiate a fuzzing session against a target given the model of its communication channel:
$> pulsar.py -z -m model_file