I am creating a network fuzzer in Python and I am debating whether to use open-source mutators or create my own custom mutator. The fuzzing targets are proprietary network protocols. What I am looking for is some flexibility with the data types so I can do "smart" fuzzing over integers and strings, but also be able to create my own modules. The final product will essentially be a scapy-fuzzer wrapper that will get pcaps from the corpus and target either the whole TCP stack or specific fields in the packets to fuzz.

I looked at some solutions like https://pypi.org/project/fuzzing/ but I am not sure how to evaluate them. Are there any suggestions and rationales to look for?

ystv
  • Have you considered using radamsa? – wireghoul Feb 04 '20 at 12:28
  • Yes. Radamsa was my go-to approach, but it does not support any data types. While it might be my final solution if I custom-made everything, I would first like to know if there are alternatives. I also do not like the fact that there is no library available for radamsa and I have to call the executable from the script. – ystv Feb 04 '20 at 12:32
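
A sketch of the kind of type-aware, pluggable mutator layer the question describes, added here as an example and not code from the poster or from any library mentioned above. It uses only the standard library (no scapy); the registry, the function names and the three-field toy protocol are all hypothetical, and the sample message is constructed.

```python
import random
import struct

MUTATORS = {}  # field type name -> mutator(value, rng); the plug-in point for custom modules

def mutator(type_name):
    """Register a mutator for one field type."""
    def register(func):
        MUTATORS[type_name] = func
        return func
    return register

@mutator("u16")
def mutate_u16(value, rng):
    # Type-aware integer mutation: boundaries, neighbours and a single bit flip.
    candidates = [0, 1, 0x7F, 0x80, 0xFF, 0x100, 0x7FFF, 0x8000, 0xFFFF,
                  value - 1, value + 1, value ^ (1 << rng.randrange(16))]
    return rng.choice(candidates) & 0xFFFF  # keep it encodable in 16 bits

@mutator("str")
def mutate_str(value, rng):
    # Type-aware string mutation: length extremes, embedded NUL, non-ASCII bytes.
    candidates = [b"", value * rng.choice([2, 16, 256]), value + b"\x00" + value,
                  value[: len(value) // 2], value + bytes([0xFF, 0xFE])]
    return rng.choice(candidates)[:0xFFFF]  # the length prefix below is 16 bits

def fuzz_fields(values, layout, targets, rng):
    """Return a copy of `values` with only the fields named in `targets` mutated."""
    out = dict(values)
    for name, ftype in layout:
        if name in targets:
            out[name] = MUTATORS[ftype](values[name], rng)
    return out

def encode(values, layout):
    """Serialise: u16 big-endian, anything else as u16 length prefix plus bytes."""
    parts = []
    for name, ftype in layout:
        if ftype == "u16":
            parts.append(struct.pack(">H", values[name]))
        else:
            parts.append(struct.pack(">H", len(values[name])) + values[name])
    return b"".join(parts)

# Constructed sample message for a made-up protocol (not from any real capture).
LAYOUT = [("msg_type", "u16"), ("seq", "u16"), ("name", "str")]
SEED_MSG = {"msg_type": 1, "seq": 41, "name": b"probe"}

if __name__ == "__main__":
    rng = random.Random(1234)  # fixed seed so a crashing case can be replayed
    for _ in range(5):
        print(encode(fuzz_fields(SEED_MSG, LAYOUT, {"seq", "name"}, rng), LAYOUT).hex())
```

Because each mutator takes the random generator as an argument, a test case that crashes the target can be regenerated from its seed alone.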

0 Answers