Fusil the fuzzer is a Python library used to write fuzzing programs. It helps to start a process in a prepared environment (memory limits, environment variables, redirected stdout, etc.), start a network client or server, and create mangled files. Fusil has many probes to detect a program crash: watch the process exit code, watch process stdout and syslog for text patterns (e.g. "segmentation fault"), watch session duration, watch CPU usage (process and system load), etc.

Fusil is based on a multi-agent system architecture. It computes a session score, which is used to guess fuzzing parameters such as the number of errors injected into input files.
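
To make the probes and the session score described above concrete, here is an added sketch in Python 3 for POSIX systems; it is not Fusil code and does not use Fusil's API. The function names, the score weights, feeding mangled data on stdin instead of a file, and the doubling/halving policy are assumptions made for illustration.

```python
import random
import resource
import subprocess
import time

PATTERNS = (b"segmentation fault",)   # stdout text treated as a crash sign

def mangle(data, nb_errors, rng):
    """Inject nb_errors random byte errors into a copy of data."""
    buf = bytearray(data)
    for _ in range(nb_errors if buf else 0):
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    return bytes(buf)

def _prepare_child(max_mem=1 << 30):
    """Runs in the child before exec: cap memory, disable core dumps."""
    _, hard = resource.getrlimit(resource.RLIMIT_AS)
    cap = max_mem if hard == resource.RLIM_INFINITY else min(max_mem, hard)
    resource.setrlimit(resource.RLIMIT_AS, (cap, hard))
    resource.setrlimit(resource.RLIMIT_CORE, (0, 0))

def run_session(argv, stdin_data, timeout=5.0):
    """Run the target once; return (score in [0, 1], list of probe hits)."""
    hits = []
    start = time.monotonic()
    try:
        proc = subprocess.run(argv, input=stdin_data, timeout=timeout,
                              stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
                              env={"PATH": "/usr/bin:/bin", "LANG": "C"},
                              preexec_fn=_prepare_child)
        out = proc.stdout
        if proc.returncode < 0:                      # exit-code probe
            hits.append(("killed by signal %d" % -proc.returncode, 1.0))
        elif proc.returncode != 0:
            hits.append(("exit code %d" % proc.returncode, 0.5))
    except subprocess.TimeoutExpired as exc:         # duration probe
        out = exc.stdout or b""
        hits.append(("timeout after %.1fs" % (time.monotonic() - start), 1.0))
    if any(p in out.lower() for p in PATTERNS):      # stdout probe
        hits.append(("stdout pattern", 0.5))
    return min(1.0, sum(w for _, w in hits)), [name for name, _ in hits]

def next_error_count(nb_errors, score, low=1, high=64):
    """Assumed policy: mutate more after a quiet session, less after a hit."""
    if score < 0.5:
        return min(high, nb_errors * 2)
    return max(low, nb_errors // 2)
```

A fuzzing loop would call mangle() on a valid sample, pass the result to run_session(), keep the input whenever the score is high, and feed the score to next_error_count() for the next session.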

Available fuzzing projects: ClamAV, Firefox (contains an HTTP server), gettext, gstreamer, identify, libc_env, libc_printf, libexif, linux_syscall, mplayer, php, poppler, vim, xterm.

Fusil is an open source project (contribute!) written in Python and released under the GNU GPLv2 license.

Download and try Fusil

Download

Stable version:

Read INSTALL for the installation procedure. Fusil 1.2 depends on Python 2.5+ and python-ptrace 0.4.2.

Download the latest version (developer version) with Subversion:

svn co http://fusil.hachoir.org/svn/trunk fusil

You can also browse Fusil source code.

Try fusil

You can use Fusil without installing it by changing PYTHONPATH: the Fusil module has to be on PYTHONPATH. Go to the Fusil parent directory and type:

export PYTHONPATH=$PYTHONPATH:$PWD

Then you can use any fuzzer, e.g.:

./fuzzers/fusil-gettext

News

  • 2009-02-04: Release of Fusil 1.2, read the ChangeLog
  • 2008-10-22: Release of Fusil 1.1, read the ChangeLog
  • 2008-09-13: Release of Fusil 1.0 final, read the ChangeLog
    • Create zzuf and vlc fuzzers
    • Replace replay.sh and gdb.sh by replay.py which has many more options (eg. --valgrind or --user)
    • Basic Windows support
