ronin-rb / ronin-fuzzer Goto Github PK

View Code? Open in Web Editor NEW

11.0 2.0 3.0 157 KB

A Ruby library for generating, mutating, and fuzzing data

Home Page: https://ronin-rb.dev

License: GNU Lesser General Public License v3.0

Ruby 98.62% Shell 1.38%

fuzzer fuzzing ruby

ronin-fuzzer's Introduction

ronin-fuzzer

Description

ronin-fuzzer is a Ruby library and CLI for generating, mutating, and fuzzing data. The goal of ronin-fuzzer is to be both easy to use and highly customizable.

Features

Provides a Fuzzer class for incremental substitution fuzzing of data.
Provides a Mutator class for combinatorial substitution mutation of data.
Provides methods for enumerating over common "bad strings".
Provides core extension methods to Ruby's String class.

Synopsis

Fuzzes an input file and generates output bad files for testing:

$ ronin-fuzzer fuzz -i http_request.txt -o bad.txt -r unix_path:bad_strings

Examples

Replace every e, i, o, u with (, 100 As and a \0:

require 'ronin/fuzzing'

"the quick brown fox".fuzz(/[eiou]/ => ['(', ('A' * 100), "\0"]) do |str|
  p str
end

For more examples, please see the API documentation.

Requirements

Ruby >= 3.0.0
combinatorics ~> 0.4
ronin-support ~> 1.0
ronin-core ~> 0.2

Install

$ gem install ronin-fuzzer

Gemfile

gem 'ronin-fuzzer', '~> 0.1'

gemspec

gem.add_dependency 'ronin-fuzzer', '~> 0.1'

Development

Fork It!
Clone It!
cd ronin-fuzzer/
./scripts/setup
git checkout -b my_feature
Code It!
bundle exec rake spec
git push origin my_feature

License

This file is part of ronin-fuzzer.

ronin-fuzzer is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

ronin-fuzzer is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License along with ronin-fuzzer. If not, see https://www.gnu.org/licenses/.

ronin-fuzzer's People

Contributors

Stargazers

Watchers

Forkers

yonasbsd noraj grubbsb

ronin-fuzzer's Issues

Re-add project files

Re-add the usual project files.

Release 0.2.0.rc1

Update to kramdown-man 1.0.0

Update the kramdown-man dependency to 1.0.0. Also update the man pages to use the new kramdown-man syntax (definition lists for arguments/options definitions and [ronin-foo](ronin-foo.1.md) man page links).

Add Fuzzer Workers

Add Fuzzer Worker classes.

File Worker: simply writes the fuzz data to a file.
Program Worker: invokes a program with the fuzz data.
Network Worker: open a TCP/UDP socket and send the fuzz data.

Release ronin-fuzzer 0.1.0.beta2

Add combinatorics as a dependency

Add combinatorics: ~> 0.4 as a dependency.

Update project name/description in license headers

Update the project name/description in all license headers. Also tag ronin-fuzzing as after that point the project officially becomes ronin-fuzzing, instead of being a part of ronin-support.

Release ronin-fuzzer 0.1.0.beta1

Re-add JRuby to the CI matrix

Re-add JRuby to the CI matrix now that JRuby 9.4 has been released, which adds support for Ruby 3.1.

Add `NAME` sections to all man pages

Add a NAME section to the tops of all man pages with the command's name and a short summary.

## NAME

ronin foo - summary here

This can probably be automated with a Ruby script.

Move in the `ronin-fuzzer` command from the ronin repo

Add the ronin-fuzzer command from the ronin repository. Rename it to fuzz for brevity. Also copy in it's man page.