Projects / Fusil


Fusil is a fuzzing program. Currently, it's specific to Linux command line programs, but the code is designed to be used with any project type (remote process, fake HTTP server, fuzz network socket, etc.). It is based on a multi-agent system instead of a monolithic architecture.

Operating Systems

Recent releases

  •  09 Apr 2010 03:25

    Release Notes: sys.path is set in to ease the usage of Fusil without installing it. fusil-gettext was fixed to ignore strace errors in locateMO(). In fusil-python, Python warnings are hidden, listAllModules() includes builtin modules, and a new "only-c" option was added. A memory leak was fixed by unloading tested modules. getFunctions() was fixed to use also isclass() to detect classes. Fusil process maximum memory limit was disabled.

    •  17 Sep 2009 23:51

      Release Notes: A new fuzzer for Gimp (fusil-gimp) was created. The project Web site was moved to Bitbucket and the source code is now managed by Mercurial. Fusil has been optimized. For example, a binary file is used instead of a Unicode file to write code (WriteCode class), and the regex is not recompiled for each session (FileWatch class). Usage of Popen() for Windows was fixed. Fusil now depends on python-ptrace 0.6.

      •  06 Feb 2009 09:00

        Release Notes: A user guide and a document index were written. The HOME environment variable is copied for GDB in the replay script. More file formats (bmp, gif, ico, png, svg) are supported in fusil-firefox. fusil-python writes errors to stderr to avoid Unicode errors (especially with Python3). FileWatch renames the session to "long_output" if the program wrote more than max_nbline lines. posix.fork() is blacklisted in fusil-python to avoid false positives.

        •  31 Jan 2009 03:51

          Release Notes: now asks for confirmation if the fuzzer will not be running under a different user or as root. Even with --force-unsafe, a safety warning is shown if the fuzzer is running as the root user. Files for child processes are closed (close_fds=True). IntegerRangeGenerator was created in fusil.unicode_generator. EnvVarIntegerRange was created in fusil.process.env. A fusil-wizzard fuzzer was added. Timestamps are now written in session.log.

          •  13 Sep 2008 04:28

            Release Notes: This release adds vlc and zzuf fuzzers, a script with many options (e.g. --valgrind), and a --force-unsafe option (like --unsafe but without the confirmation). It always uses a null device as stdin for child processes to avoid blocking the fuzzer if the process reads stdin. The created process identifier is written in the logs.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.