fuzz-utils

fuzz testing of Tor and OpenSSL using AFL++

fuzz.sh is the entry point. fuzz-*.sh do provide target specific functionality and cgroup handling.

The directory /tmp/torproject/fuzzing is used as output. Findings will be synced from there to $HOME/findings. It should be a tmpfs to avoid heavy I/O stress to the disk.

The fuzz-cgroup.sh needs root permissions. Therefore tweak your local sudoers.d file.

Example:

# (f)indings, 1x (o)penssl, 1x (t)or, (p)lots, (f)indings
*/5 * * * *   /opt/fuzz-utils/fuzz.sh -f -o 1 -t 1 -p -f

simple-http-server.sh provides a simple Python HTTP server. A separate sandbox is provided by bwrap.sh which uses bubblewrap, e.g.:

./bwrap.sh ./simple-http-server.py --address 1.2.3.4 --port 56789 --directory /tmp/www

Each sandbox invocation needs 2 or more namespace entries, so tweak the sysctl value user.max_user_namespaces accordingly.

Name		Name	Last commit message	Last commit date
Latest commit History 174 Commits
.editorconfig		.editorconfig
.gitignore		.gitignore
.markdownlint.yaml		.markdownlint.yaml
.pylintrc		.pylintrc
.shellcheckrc		.shellcheckrc
LICENSE		LICENSE
README.md		README.md
bwrap.sh		bwrap.sh
fuzz-cgroup.sh		fuzz-cgroup.sh
fuzz-lib-openssl.sh		fuzz-lib-openssl.sh
fuzz-lib-tor.sh		fuzz-lib-tor.sh
fuzz.sh		fuzz.sh
simple-http-server.py		simple-http-server.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

fuzz-utils

About

Releases 14

Packages

Languages

License

toralf/fuzz-utils

Folders and files

Latest commit

History

Repository files navigation

fuzz-utils

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 14

Packages 0

Languages

Packages