ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software.

Related tags

Security related resourcessecurityfuzzingvulnerabilitiesstability
Overview

ClusterFuzz

ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software.

Google uses ClusterFuzz to fuzz all Google products and as the fuzzing backend for OSS-Fuzz.

ClusterFuzz provides many features which help seamlessly integrate fuzzing into a software project's development process:

Overview

Documentation

You can find detailed documentation here.

Trophies

As of February 2021, ClusterFuzz has found ~29,000 bugs in Google (e.g. Chrome) and 26,000+ bugs in over 400 open source projects integrated with OSS-Fuzz.

Getting Help

You can file an issue to ask questions, request features, or ask for help.

Staying Up to Date

We will use clusterfuzz-announce(#)googlegroups.com to make announcements about ClusterFuzz.

ClusterFuzzLite

For a more lightweight version of ClusterFuzz that runs on CI/CD systems, check out ClusterFuzzLite.

Comments
  • Update TensorFlow and other dependencies after Python3 migration

    Update TensorFlow and other dependencies after Python3 migration

    We haven't updated it in a while and while working on https://github.com/google/clusterfuzz/issues/1535 it became evident that we're using a too old version. For instance, there is not build of it for Python3.7.

    I'm hoping to fix https://github.com/google/clusterfuzz/issues/1535 with some old-but-new-enough version, but we'll definitely should upgrade all ML pieces after the migration.

    Py2->3 
    opened by Dor1s 63
  • Gradientfuzz Integration [2]

    Gradientfuzz Integration [2]

    • Added GradientFuzz training task script.
      • Functionality: Generates input/output pairs from raw inputs, trains model, and uploads weights to GCS.
    • Added GradientFuzz training task unit tests.
      • Tests mock function calls, input/output pair generation, and training on a small corpus using a small, custom-built binary.
    • Added auxiliary test files for unit tests.
    • Refactored functions from RNN generator training script for general ML-fuzz training scripts.
    cla: yes 
    opened by RyanBCao 33
  • Convert to TF v2 model

    Convert to TF v2 model

    I had to change batch size: now it must be the same as when the model was created. I think there might a possibility to use a different batch size but I'll have to look through documentation to make sure.

    Also, changed a typo: first argument of build_model should be the product between hidden layer size and hidden state size, not the square of one of the sizes. Again, this should match the model as trained.

    Finally, changed the error type that is thrown when trying to predict using a model of invalid format.

    The rest, is just moving stuff outside of the session loop and replacing the feed+run with a direct model call to get the prediction.

    cla: yes 
    opened by mihaimaruseac 32
  • DO NOT MERGE: debugging fuchsia integration test

    DO NOT MERGE: debugging fuchsia integration test

    it's hanging on CI but not locally

    this CL adds more logging to help pin down root cause

    making it as a pull request since that's the way i know to get it onto CQ!

    but DO NOT REVIEW and DO NOT MERGE :)

    cla: no 
    opened by flowerhack 30
  • libFuzzer: use two step merge after fuzzing for accurate stats (#802).

    libFuzzer: use two step merge after fuzzing for accurate stats (#802).

    1. Use the two step merge process implemented and documented in https://reviews.llvm.org/D66107

    2. Parse edge and feature coverage from the merge log. The first merge step is done using the initial corpus only, i.e. it gives the "initial" stats. The second merge step is executed on the newly generated files and provides the overall stats (coverage data is appended to the "initial" corpus, that's why we need to specify the same -merge_control_file for two steps_. The diff between two stats is supposed to be the most accurate data we can obtain.

    3. This implementation runs libFuzzer's merge in a way that prioritizes reduced inputs over the longer equivalents from the original corpus. We might be able to get rid of move_mergeable_units, I'll look into that later, once this change settles in.

    4. libFuzzer on all platforms / projects should be recent enough at this point, therefore I've recompiled the test fuzzers as well to include that new merge functionality.

    5. I'll try to stage this on a bot tomorrow as it feels a little scary, even though tests were extremely helpful and caught a few mistakes I made.

    cla: yes 
    opened by Dor1s 27
  • Add support for Android Cuttlefish flash

    Add support for Android Cuttlefish flash

    This change is based on the new design that Clusterfuzz and Cuttlefish will be started in separate docker containers under same network. To flash the device, Clusterfuzz will fetch the latest Cuttlefish builds from Android build system and launch the cvd on Cuttlefish via ssh.

    cla: yes 
    opened by Huiziyang 25
  • Use Filestore NFS rather than GCS in Google Cloud?

    Use Filestore NFS rather than GCS in Google Cloud?

    So we are using Clusterfuzz but we are finding that the vast majority of cost of using clusterfuzz in Google cloud is going to class B operations in GCS. with about 100 bots we are finding that half the cost is going into GCS class B read operations (aout 3-4 Billion operations), which comes out to about $1500 in read operations out of a total of $3000/month. We want to ramp up the number of bots to about 1000 VMs but the expected increase in read operations would break our budget.

    So we decided to also setup an on-premise clusterfuzz (cfz) instance but of course that has it's own challenges. But we realized that on-prem local instance of cfz uses a GCS emulator with an NFS backend. I was wondering if a cloud production deployment of Clusterfuzz has used the GCS emulator to point to Google Filestore so that we can avoid the high cost of GCS class B operations.

    This could help mitigate the high cost of all the read operations from GCS and save us 50% in costs? Has anyone tried this and do you see any problems attempting this? Is there anything we lose by doing this? Do we lose any of the functionality of the analytics?

    Is this even possible with the cloud version of clusterfuzz? If so any guidance would be helpful.

    documentation 
    opened by urbanenomad 25
  • Document port forwarding for 900*, maybe other ports if server accessed from remote.

    Document port forwarding for 900*, maybe other ports if server accessed from remote.

    I'm running a local instance of clusterfuzz. I just run the server with default settings.

    $ python butler.py run_server

    Then I follows this guide https://google.github.io/clusterfuzz/setting-up-fuzzing/libfuzzer-and-afl/ ,

    I can "add new job". But it failed if I upload custom fuzzer zip to the job.

    | ERROR    2019-02-11 15:44:09,029 base_handler.py:198] Failed to upload.
| Traceback (most recent call last):
|   File "/usr/lib/google-cloud-sdk/platform/google_appengine/lib/webapp2-2.3/webapp2.py", line 545, in dispatch
|     return method(*args, **kwargs)
|   File "/home/kcwu/src/clusterfuzz/src/appengine/libs/handler.py", line 286, in wrapper
|     return func(self, *args, **kwargs)
|   File "/home/kcwu/src/clusterfuzz/src/appengine/libs/handler.py", line 413, in wrapper
|     return func(self, *args, **kwargs)
|   File "/home/kcwu/src/clusterfuzz/src/appengine/handlers/jobs.py", line 126, in post
|     blob_info = self.get_upload()
|   File "/home/kcwu/src/clusterfuzz/src/appengine/handlers/base_handler.py", line 248, in get_upload
|     raise helpers.EarlyExitException('Failed to upload.', 500)
| EarlyExitException: Failed to upload.
    documentation 
    opened by kcwu 23
  • Use Python3 compatible syntax.

    Use Python3 compatible syntax.

    This code continues to run correctly under Python2.

    Changes include:

    • Modernized octal literals
    • Print as a function
    • 'as' syntax for handling exceptions
    • Remove of 'L' long suffixes
    opened by alex 23
  • Initial support for Fuchsia on ClusterFuzz.

    Initial support for Fuchsia on ClusterFuzz.

    Feedback/changes very welcome.

    This CL teaches ClusterFuzz to spin up a Fuchsia QEMU VM and communicate with it in a basic way.

    Right now, all the "fuzzing" command does is run "ls" on the target system, as a sort of "hello world"; a follow-up CL will teach it to select & use proper fuzzing commands.

    We chose this approach because Fuchsia fully supports libfuzzer on-target; running, e.g., "fuzz [fuzzer_name]" instead of "ls" will simply fuzz using the named fuzzer, and return when it encounters some result. See https://fuchsia.googlesource.com/fuchsia/+/refs/heads/master/docs/development/workflows/libfuzzer.md

    Follow-on CLs will include: using "fuzz" instead of "ls", syncing corpora, perhaps utilizing GCE support in lieu of QEMU, etc

    To run this locally, you must:

    • Use the admin panel to set up a Fuchsia fuzzing "job". -> The job must have Platform = FUCHSIA -> The job must use the libfuzzer and engine_asan templates -> You must include a libfuzzer_asan_test_fuzzer.zip file in "Custom Build" --> (I noticed that jobs tended to hang with 'Upto #' statements if a custom build was not included; would love to find some workaround for this, since the Fuchsia fuzzing job doesn't really need a custom build.) -> Finally, set FUCHSIA-RESOURCES_PATH to a proper GCS bucket path. You can use mine for testing if you like: gs://fuchsia_on_clusterfuzz_resources_v1/*
    • Go to "Fuzzers" in the admin panel and add your job to the libFuzzer fuzzer.
    • Run QUEUE_OVERRIDE=FUCHSIA OS_OVERRIDE=FUCHSIA python butler.py run_bot --name someplace ~/someplace.

    For debugging, it's helpful to tail -f ~/someplace/clusterfuzz/bot/logs*.

    cla: yes 
    opened by flowerhack 22
  • Fix heartbleed fuzzer example to run in prod

    Fix heartbleed fuzzer example to run in prod

    I've attempted to fuzz some simple C programs using Clusterfuzz which i'm hosting on GCP. I wasn't able to produce any output so I decided to restart the service. Now I am receiving errors related to cron jobs that run regularly throughout the day, despite there not being any currently running fuzzing tasks.

    1) RuntimeError: Invalid subscription: projects/clusterfuzz-XXXXX/subscriptions/jobs-linux  
2) Task exited with exception. main
3) Failed to get any fuzzing tasks. This should not happen. get_task
4) RuntimeError: Invalid topic: projects/clusterfuzz-XXXXX/topics/jobs-linux

    I can successfully log in to the web application and upload a fuzzing task, however I do not get any output in testcases or the fuzzer statistics.

    opened by louiscb 20
  • Bump actions/upload-artifact from 3.1.0 to 3.1.2

    Bump actions/upload-artifact from 3.1.0 to 3.1.2

    Bumps actions/upload-artifact from 3.1.0 to 3.1.2.

    Release notes

    Sourced from actions/upload-artifact's releases.

    v3.1.2

    • Update all @actions/* NPM packages to their latest versions- #374
    • Update all dev dependencies to their most recent versions - #375

    v3.1.1

    • Update actions/core package to latest version to remove set-output deprecation warning #351
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 0
  • Bump setuptools from 62.3.2 to 65.5.1 in /src

    Bump setuptools from 62.3.2 to 65.5.1 in /src

    Bumps setuptools from 62.3.2 to 65.5.1.

    Release notes

    Sourced from setuptools's releases.

    v65.5.1

    No release notes provided.

    v65.5.0

    No release notes provided.

    v65.4.1

    No release notes provided.

    v65.4.0

    No release notes provided.

    v65.3.0

    No release notes provided.

    v65.2.0

    No release notes provided.

    v65.1.1

    No release notes provided.

    v65.1.0

    No release notes provided.

    v65.0.2

    No release notes provided.

    v65.0.1

    No release notes provided.

    v65.0.0

    No release notes provided.

    v64.0.3

    No release notes provided.

    v64.0.2

    No release notes provided.

    v64.0.1

    No release notes provided.

    v64.0.0

    No release notes provided.

    v63.4.3

    No release notes provided.

    v63.4.2

    No release notes provided.

    ... (truncated)

    Changelog

    Sourced from setuptools's changelog.

    v65.5.1

    Misc ^^^^

    • #3638: Drop a test dependency on the mock package, always use :external+python:py:mod:unittest.mock -- by :user:hroncok
    • #3659: Fixed REDoS vector in package_index.

    v65.5.0

    Changes ^^^^^^^

    • #3624: Fixed editable install for multi-module/no-package src-layout projects.
    • #3626: Minor refactorings to support distutils using stdlib logging module.

    Documentation changes ^^^^^^^^^^^^^^^^^^^^^

    • #3419: Updated the example version numbers to be compliant with PEP-440 on the "Specifying Your Project’s Version" page of the user guide.

    Misc ^^^^

    • #3569: Improved information about conflicting entries in the current working directory and editable install (in documentation and as an informational warning).
    • #3576: Updated version of validate_pyproject.

    v65.4.1

    Misc ^^^^

    v65.4.0

    Changes ^^^^^^^

    v65.3.0

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
    dependencies python 
    opened by dependabot[bot] 0
  • Bump setuptools from 60.9.3 to 65.5.1

    Bump setuptools from 60.9.3 to 65.5.1

    Bumps setuptools from 60.9.3 to 65.5.1.

    Release notes

    Sourced from setuptools's releases.

    v65.5.1

    No release notes provided.

    v65.5.0

    No release notes provided.

    v65.4.1

    No release notes provided.

    v65.4.0

    No release notes provided.

    v65.3.0

    No release notes provided.

    v65.2.0

    No release notes provided.

    v65.1.1

    No release notes provided.

    v65.1.0

    No release notes provided.

    v65.0.2

    No release notes provided.

    v65.0.1

    No release notes provided.

    v65.0.0

    No release notes provided.

    v64.0.3

    No release notes provided.

    v64.0.2

    No release notes provided.

    v64.0.1

    No release notes provided.

    v64.0.0

    No release notes provided.

    v63.4.3

    No release notes provided.

    v63.4.2

    No release notes provided.

    ... (truncated)

    Changelog

    Sourced from setuptools's changelog.

    v65.5.1

    Misc ^^^^

    • #3638: Drop a test dependency on the mock package, always use :external+python:py:mod:unittest.mock -- by :user:hroncok
    • #3659: Fixed REDoS vector in package_index.

    v65.5.0

    Changes ^^^^^^^

    • #3624: Fixed editable install for multi-module/no-package src-layout projects.
    • #3626: Minor refactorings to support distutils using stdlib logging module.

    Documentation changes ^^^^^^^^^^^^^^^^^^^^^

    • #3419: Updated the example version numbers to be compliant with PEP-440 on the "Specifying Your Project’s Version" page of the user guide.

    Misc ^^^^

    • #3569: Improved information about conflicting entries in the current working directory and editable install (in documentation and as an informational warning).
    • #3576: Updated version of validate_pyproject.

    v65.4.1

    Misc ^^^^

    v65.4.0

    Changes ^^^^^^^

    v65.3.0

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
    dependencies python 
    opened by dependabot[bot] 0
  • Bump actions/setup-python from 4.2.0 to 4.4.0

    Bump actions/setup-python from 4.2.0 to 4.4.0

    Bumps actions/setup-python from 4.2.0 to 4.4.0.

    Release notes

    Sourced from actions/setup-python's releases.

    Add support to install multiple python versions

    In scope of this release we added support to install multiple python versions. For this you can try to use this snippet:

        - uses: actions/[email protected]
      with:
        python-version: |
            3.8
            3.9
            3.10

    Besides, we changed logic with throwing the error for GHES if cache is unavailable to warn (actions/setup-python#566).

    Improve error handling and messages

    In scope of this release we added improved error message to put operating system and its version in the logs (actions/setup-python#559). Besides, the release

    v4.3.0

    • Update @​actions/core to 1.10.0 version #517
    • Update @​actions/cache to 3.0.4 version #499
    • Only use github.token on github.com #443
    • Improvement of documentation #477 #479 #491 #492
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 2
  • tsan_suppressions.txt not in repository

    tsan_suppressions.txt not in repository

    Test cases like https://clusterfuzz.com/testcase-detail/6560743240695808 use TSAN_OPTIONS and refer to a tsan_suppressions.txt file at: /mnt/scratch0/clusterfuzz/src/appengine/config/suppressions/tsan_suppressions.txt

    There appears to be no such file in https://github.com/google/clusterfuzz/tree/master/src/appengine

    We'd like to either change the file and include a suppression for V8 from https://source.chromium.org/chromium/chromium/src/+/main:v8/tools/sanitizers/tsan_suppressions.txt - or find a way to use the latter directly. E.g. by using an environment variable.

    It seems that https://github.com/google/clusterfuzz/blob/4e1f65d3579cd835fd3bf6758d852f7780997a20/src/clusterfuzz/_internal/system/environment.py#L389 offers a CONFIG_DIR_OVERRIDE. If we specify a value at the job level, how can we make it point to the absolute APP_DIR ? If that was possible, we'd bundle a folder config/suppressions/ together with V8.

    V8 side issue: https://crbug.com/1401380

    opened by mi-ac 1
Releases(v2.5.8)

  • v2.5.8(Dec 7, 2022)

  • v2.5.7(May 2, 2022)

    Various fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.5.7

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.5.6(Oct 10, 2021)

    • Fix a bug in libFuzzer driver (https://github.com/google/clusterfuzz/pull/2471).

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.5.6

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.5.5(Sep 15, 2021)

    • Fix a unicode decoding bug in the pi ppackage.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.5.5

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.5.4(Aug 27, 2021)

    • Fix pip package.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.5.4

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.5.3(Aug 27, 2021)

    • Fix pip package.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.5.3

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.5.2(Aug 27, 2021)

    • Fix a pip package dependency.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.5.2

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.5.1(Aug 3, 2021)

    • Remove an unnecessary pip package dependency.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.5.1

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.5.0(Aug 3, 2021)

    • Restructured internal imports to make pip package cleaner.
    • AFL++ support.
    • Many bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.5.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • reproduce-tool-stable(Apr 27, 2021)

  • v2.4.0(Dec 11, 2020)

    • Various improvements for libClusterFuzz.
    • Local development improvements.
    • Add AFL support to the fuzzing engine pipeline.
    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.4.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.3.0(Nov 1, 2020)

    • Improved ML-based fuzzing.
    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.3.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.2.1(Oct 7, 2020)

    • Fix a breaking App Engine bug from 2.2.0

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.2.1

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.2.0(Oct 6, 2020)

    • Replaced webapp2 usage with Flask.
    • Improved Syzkaller support.
    • Added support for generic blackbox fuzzers.
    • Removed remaining Python 2 compatibility code.
    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.2.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.1.0(Aug 5, 2020)

    • Jobs page is now paginated.
      • This version requires new DB migrations due to addition of search keywords in Jobs.
      • To perform migrations, please use:
    python butler.py run -c path/to/config --non-dry-run migration.jobs_keywords
    • Jobs page now has the ability to specify Fuzzer-Job mappings.
    • Past crash regressions are now stored in the corpus backup.
    • Set handle_=2 by default for sanitizer options in engine jobs.
    • Fix local GCS issues.
    • Remove more Python 2 support.
    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.1.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.0.2(Jun 30, 2020)

    • Improved Syzkaller support.
    • Support narrower bisection for regression/fix ranges.
    • Improve Rust crash detection signatures.
    • Improved Android KASan support.
    • Batch datastore operations more aggressively.
    • Improved grouping of crashes involving inline frames.
    • Enable entropic fuzzing strategy in libFuzzer.
    • Test past crash regressions in corpus pruning task.
    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.0.2

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.0.1(May 15, 2020)

    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.0.1

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v2.0.0(May 12, 2020)

    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v2.0.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v1.9.0(Apr 6, 2020)

    • Python 3 migration is complete.
    • Added Peach mutation strategy for engine fuzzers.
    • Added support for Google Cloud IAP authentication.
    • Added stop gaps to prevent corpus explosion (e.g. corpus element must be less than 5 MB).
    • Use ANTLR grammar for tokenization during testcase minimization (html, js).
    • Store statistics on corpus cross-pollination during corpus pruning.
    • Removed dependency on Google App Engine SDK.
    • Removed unused Go code.
    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.9.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v1.8.0(Jan 10, 2020)

    • Added an uploader permission type to allow certain users to upload to any job/fuzzer.
    • More Python 3 conversion changes.
    • Bumped up libFuzzer rss limit to 2.5GB.
    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.8.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v1.7.1(Dec 2, 2019)

    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.7.1

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v1.7.0(Nov 26, 2019)

    • Better crash type reporting on various UBSan issues.
    • Initial support for Honggfuzz.
    • Additional fixes in preparation for migration to Python 3.
    • Migrated off deprecated App Engine Memcache to Cloud MemoryStore for Redis.
    • Added libFuzzer fuzzing support for Android (using HWASan).
    • Automatically correct certain common mistakes in dictionaries.
    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.7.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v1.6.1(Nov 11, 2019)

    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.6.1

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v1.6.0(Oct 16, 2019)

    • Added platform support for Fuchsia OS.
    • Migrated libFuzzer to the new pluggable engine pipeline.
    • Stack parsing improvments.
    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.6.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v1.5.1(Sep 3, 2019)

    • Fixed XSS in login page.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.5.1

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v1.5.0(Sep 3, 2019)

    • Added Golang stack parsing.
    • Added Sanitizer options minimization.
    • Added HELP_FORMAT for custom crash reproduction instructions. See documentation here.
    • Added feature to show reproducible variants for a crash on other jobs (Reproducer column in Testcase analysis on other jobs section).
    • Refactored engine fuzzer code for easy pluggability.
    • Reproduce tool improvements - performance fixes, added android support.
    • UI improvements - search filter in dropdowns.
    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.5.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v1.4.0(Jul 23, 2019)

    • Various bug fixes.
    • Implemented issue tracker policy and finishing the refactoring for supporting different issue trackers.
    • Disabled external mutators (Radamsa and ML RNN) for fuzz targets built with libprotobuf-mutator library.
    • Added support for auxiliary fuzzing builds (e.g. DFSan instrumented builds for libFuzzer).
    • Refactored build_manager and fuzz_task.
    • Optimized performance of the most frequently used pages (Testcases and Testcase Details).
    • Added explicit schema for the BigQuery import calls (used to load the fuzzer stats data into BigQuery).
    • Added experimental implementation of the Multi-Armed Bandit algorithm for fuzzing strategy selection.
    • Implemented variant task that runs testcases on different jobs in order to provide more information about the bugs.
    • Implemented the new version of the reproduce tool, which currently works on Linux.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.4.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • v1.3.0(Jun 13, 2019)

    • Various bug fixes.
    • Fixed security severity listbox not working.
    • More Python 2->3 conversions using futurize.
    • Delete button on jobs page.
    • New interface for issue management, as part of refactor to support more issue trackers.
    • Android code refactoring.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.3.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • 1.2.1(May 6, 2019)

    • Various bug fixes.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.2.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)

  • 1.2.0(Apr 30, 2019)

    • Various bug fixes.
    • Use Firebase auth for authentication.
    • Use Sendgrid for emails.
    • Remove various dependencies on App Engine SDK.
    • Add support for close_fd_mask in AFL fuzzing.
    • Add metrics new_features and new_edges in libFuzzer fuzzing.
    • Support for multiple device per host in Android startup script.
    • Fix corpus minimization in libFuzzer and AFL to prioritize smaller units.
    • Preparation for Python 2->3 migration using futurize.

    Please download this release by checking out the release tag in a git checkout:

    git checkout tags/v1.2.0

    NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

    Source code(tar.gz)
    Source code(zip)
Owner
Google
Google ❤️ Open Source
Google
GitHub Repository https://google.github.io/clusterfuzz
😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

😭 WSOB (CVE-2022-29464) 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. CVE-2022-29464 details:

0p 25 Oct 14, 2022
This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload vulnerabilities)

zip-symlink-payload-creator This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload

stark0de 6 Aug 18, 2022
Vuln Scanner With Python

VulnScanner Features Web Application Firewall (WAF) detection. Cross Site Scripting (XSS) tests. SQL injection time based test. SQL injection error ba

< / N u l l S 0 U L > 1 Dec 25, 2021
StarUML cracker - StarUML cracker With Python

StarUML_cracker Usage On Linux Clone the repo. git clone https://github.com/mana

Bibek Manandhar 9 Jun 20, 2022
Security audit Python project dependencies against security advisory databases.

Security audit Python project dependencies against security advisory databases.

52 Dec 17, 2022
A script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks

Log4j dork scanner This is an auto script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks. Installation:

Jagar 5 Dec 27, 2022
Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potential blockers.

Fuzz introspector Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potenti

Open Source Security Foundation (OpenSSF) 221 Jan 01, 2023
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Astro 9 Sep 27, 2022
This is tools hacking for scan vuln in port web, happy using

Xnuvers007 PortInjection this is tools hacking for scan vuln in port web, happy using view/show python 3.9 solo coder (tangerang) 19 y/o installation

XnuxersXploitXen 6 Dec 24, 2022
Utility for Extracting all passwords from ConnectWise Automate

CWA Password Extractor Utility for Extracting all passwords from ConnectWise Automate (E.g. while migrating to a new system). Outputs a csv file with

Matthew Kyles 1 Dec 09, 2021
🍉一款基于Python-Django的多功能Web安全渗透测试工具,包含漏洞扫描,端口扫描,指纹识别,目录扫描,旁站扫描,域名扫描等功能。

Sec-Tools 项目介绍 系统简介 本项目命名为Sec-Tools,是一款基于 Python-Django 的在线多功能 Web 应用渗透测试系统,包含漏洞检测、目录识别、端口扫描、指纹识别、域名探测、旁站探测、信息泄露检测等功能。本系统通过旁站探测和域名探测功能对待检测网站进行资产收集,通过端

简简 300 Jan 07, 2023
python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)

python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)

1frame 266 Jan 02, 2023
AMC- Automatic Media Access Control [MAC] Address Spoofing Tool

AMC (Automatic Media Access Control [MAC] Address Spoofing tool), helps you to protect your real network hardware identity. Each entered time interval your hardware address was changed automatically.

Dipen Chavan 14 Dec 23, 2022
Static Token And Credential Scanner

Static Token And Credential Scanner What is it? STACS is a YARA powered static credential scanner which suports binary file formats, analysis of neste

STACS 81 Dec 27, 2022
Python DNS Lookup: The Domain Name System (DNS) is basically the phonebook of the Internet

-Python-DNS-Lookup- ✨ 🌟 Python DNS Lookup ✨ 🌟 The Domain Name System (DNS) is

Ronnie Atuhaire 2 Feb 14, 2022
Argument Injection in Dragonfly Ruby Gem

CVE-2021-33564 PoC Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem). Usage Arbitrary File Read python3 poc.py -u https://

Michael Tsai 12 Nov 09, 2022
This program is a WiFi cracker, you can test many passwords for a desired wifi to find the wifi password!

WiFi_Cracker About the Program: This program is a WiFi cracker! Just run code and select a desired wifi to start cracking 💣 Note: you can use this pa

Sina.f 13 Dec 08, 2022
集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具,使用docker封装运行;

tools下有几个工具,所以项目文件比较大,如果下载总是中断的话建议拆开下载各个项目然后直接拷贝dockefile和recon.py即可 0x01 hscan介绍 hscan是什么 hscan是一款旨在使用一条命令替代渗透前的多条扫描命令,通过集成crawlergo扫描和xray扫描、dirsear

102 Jan 04, 2023
Um script simples de Port Scan + DNS by Hostname

🖥 PortScan-DNS Esta é uma ferramenta simples de Port Scan + DNS by Hostname... 💻 | DNS Resolver / by Hostname: HOST IP EXTERNO IP INTERNO 💻 | Port

AlbâniaSecurity-RT 7 Dec 08, 2022
Confluence OGNL injection

CVE-2021-26084 Confluence OGNL injection CVE-2021-26084 is an Object-Graph Navigation Language (OGNL) injection vulnerability in the Atlassian Conflue

Ashish Kunwar 15 Sep 23, 2022