ronin-fuzzer is a Ruby library and CLI for generating, mutating, and fuzzing data. The goal of ronin-fuzzer is to be both easy to use and highly customizable.
- Provides a Fuzzer class for incremental substitution fuzzing of data.
- Provides a Mutator class for combinatorial substitution mutation of data.
- Provides methods for enumerating over common "bad strings".
- Provides core extension methods to Ruby's String class.
Fuzzes an input file and generates output bad files for testing:
$ ronin-fuzzer fuzz -i http_request.txt -o bad.txt -r unix_path:bad_strings
Replace every e
, i
, o
, u
with (
, 100 A
s and a \0
:
require 'ronin/fuzzing'
"the quick brown fox".fuzz(/[eiou]/ => ['(', ('A' * 100), "\0"]) do |str|
p str
end
For more examples, please see the API documentation.
- Ruby >= 3.0.0
- combinatorics ~> 0.4
- ronin-support ~> 1.0
- ronin-core ~> 0.2
$ gem install ronin-fuzzer
gem 'ronin-fuzzer', '~> 0.1'
gem.add_dependency 'ronin-fuzzer', '~> 0.1'
- Fork It!
- Clone It!
cd ronin-fuzzer/
./scripts/setup
git checkout -b my_feature
- Code It!
bundle exec rake spec
git push origin my_feature
Copyright (c) 2006-2024 Hal Brodigan (postmodern.mod3@gmail.com)
This file is part of ronin-fuzzer.
ronin-fuzzer is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
ronin-fuzzer is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License along with ronin-fuzzer. If not, see https://www.gnu.org/licenses/.