Penetration Testing
Fusil the fuzzer version 1.0beta3 Sep 03 2008 09:24PM
Victor Stinner (victor stinner haypocalc com)
Fusil is a Python library for writing fuzzers and a set of specific fuzzers:
Apache, ClamAV, Firefox, gettext, gstreamer, ImageMagick, libpoppler,
printf(), Mplayer, ogg123, PHP and Python. The goal is to quickly write your
fuzzer, Fusil is reponsible to manage a fuzzing campain (create files,
cleanup at exist, sort errors, etc.).

With the version 1.0, Fusil is safe: it uses a dedicated (UNIX) user to
create child processes and limit resources (memory, total number of
processes, etc.). Fusil now uses python-ptrace debugger for helping error
classification (invalid memory read/write, division by zero, stack overflow,
...): it renames the fuzzer working directory (eg. "exitcode1", "abort",
"div_by_zero", ...).

This version is a beta version, it have to be tested as much as possible on
any architectures and operating systems. Don't hesitate to report bugs!


python-ptrace website:

The development of the version 1.0 (still in beta phase) took around one
year. The project is distributed under license GPLv2, is written in Python
and is pacakaged for Debian, Mandriva and OpenEmbedded. The project is
developed under Linux, but Fusil works correctly on FreeBSD and should works
on any POSIX system (especially UNIX and BSD).

Getting started

To install Fusil, you will need python-ptrace and a system user "fusil" (and
a group "fusil"). To run a fuzzer, type it's name, eg. "fusil-gettext". Each
fuzzer has its own options, so don't hesitate to use the option "--help".

For the documentation, browse the directory doc/. Simple examples are
available in the directory examples/.

python-ptrace only works correclty on Linux (i386, x86_64, PPC32) and
FreeBSD (i386). If you have troubles with another architecture/OS, disable
it with the Fusil configuration file (~/.config/fusil.conf):

use_debugger = False

Read doc/configuration.rst to learn other Fusil options.


If you didn't know python-ptrace, you should know that it's only written in
Python and includes the programs and (strace and gdb
clones). is very close to strace, but has more options and works
on FreeBSD without the Linux emulation (/proc directory). is very
limited, it doesn't support thread nor symbols for example.


This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus