Skip to content

/ python-hfuzz

python and honggfuzz

18 stars 2 forks
Star
Watch
master
1 branch 0 tags
Go to file
Code

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
examples
 
 
hfuzz
 
 
.travis.yml
 
 
README.md
 
 
requirements.txt
 
 
setup.py
 
 

README.md

Python HFuzz

Everything you need to glue honggfuzz and python 3.

Install

cd /path/to/honggfuzz/sources/
git clone https://github.com/thebabush/python-hfuzz.git python
cd python
python setup.py install

Important: do not use pip. Right now I'm using relative paths to link honggfuzz' static libraries to python-hfuzz and pip doesn't like that. Feel free to create a PR to improve the build system.

Usage

Normal execution:

honggfuzz -f ./corpus -F 8 -- ./examples/cmp.py ___FILE___

Persistent mode:

honggfuzz -f ./corpus -F 8 -P -- ./examples/persistent.py

Why?

Well, the main reasons are these:

  1. There are DBIs out there that can be scripted in python. While it's not the best idea performance-wise, sometimes your dev-speed/run-speed trade-off makes it worth it in the short term (e.g.: one-off custom feedback implementations, research, CTFs, etc...)
  2. Fuzzing python programs. Coupled with some nice bytecode-level instrumentation, this could be interesting.
  3. Reimplement AFL-unicorn without patching unicorn's QEMU (hello UC_HOOK_BLOCK).

About

python and honggfuzz

Topics

fuzzing honggfuzz security python coverage

Resources

Readme

Releases

No releases published

Packages

No packages published

Languages

You can’t perform that action at this time.