gamozolabs/cookie_dough gamozolabs/cookie_dough

  • Stars
    star
    161
  • Rank 233,470 (Top 5 %)
  • Language
    Rust
  • License
    MIT License
  • Created over 4 years ago
  • Updated about 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
gamozolabs/cookie_dough
github

gamozolabs

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A fuzzing introspection tool

Summary

This is a environment for measuring and observing the behaviors of fuzzers from inside the fuzzer itself.

This allows for comparing fuzzers without having to worry about them having different definitions of performance and coverage.

Visualizations

This tool provides real-time visualizations of coverage as it happens, so you can not only see what was hit, but what is being hit frequently!

It's important to note, while this tool currently mainly does visualizations, we'll likely start working on analyizing results statistically rather than eyeballing images!

Usage

To use this, simply run cargo run in prog_gen to create a random program. This random program expects a filename as the argument once compiled which is then used as the fuzz input for the randomly generated program.

This program then reports status via shared memory to a file which can be observed and monitored in a web browser by using coverage_server. Run cargo run in coverage server and it will monitor the shared memory for changes on an interval, and when new changes are observed the information will be pushed over a websocket to a website which will visualize the coverage in realtime via graphviz SVG.

TL;DR

Run cargo run in prog_gen to generate a random program.

Run cargo run in coverage_server to monitor coverage events.

Run python3 -m http.server in coverage_server to host the coverage viewer website, and navigate to the locally hosted website.

More Repositories

1

orange_slice

A research kernel and hypervisor attempting to get fully deterministic emulation with minimum performance cost
Rust
506
star
2

chocolate_milk

Pure Rust x86_64 bootloader and kernel
Rust
478
star
3

mesos

Binary coverage tool without binary modification for Windows
Rust
405
star
4

applepie

A hypervisor for fuzzing built with WHVP and Bochs
C++
361
star
5

mempeek

A command line tool that resembles a debugger as well as Cheat Engine, to search for values in memory
Rust
217
star
6

fzero_fuzzer

A fast Rust-based safe and thead-friendly grammar-based fuzz generator
Rust
208
star
7

elfloader

An architecture-agnostic ELF file flattener for shellcode
Rust
207
star
8

falkervisor_grilled_cheese

C
168
star
9

proc_mem_ida_loader

A /proc/mem IDA loader to snapshot a running process
Python
149
star
10

fuzz_with_emus

Why fuzzing with emulators is amazing
Rust
129
star
11

nginx_shitpost

Nginx 0-day on latest nginx
C
116
star
12

rv32i_jit

A super simple RV32i JIT, designed for ease of understanding and modification
C
76
star
13

lemonade

A debugger for Linux in Rust
Rust
76
star
14

falkervisor_beta

Assembly
75
star
15

basic_mutator

About as basic of a mutator as you can get, but it does the trick in most situations
Rust
55
star
16

slime_tree

Worst Android kernel fuzzer
Rust
43
star
17

falkhash

Exotic Shitty Hash Maybe
C
43
star
18

guifuzz

A GUI fuzzing application set up to fuzz calc.exe right now
Rust
36
star
19

riscv

A div-less, mul-less, atomic-less `rv64i` compiler toolchain using purely clang, musl, and compiler-rt
C
27
star
20

whylol

Shhh
Rust
27
star
21

adventures_in_fuzzing

Here's the slides and audio for a talk I did at NYU on the 13th of November 2018
27
star
22

init

A super simple /sbin/init for Linux which allows running one and only one program
Rust
22
star
23

vectorized_mmu

Snapshot of the vectorized MMU that lines up with the vectorized MMU blog
Rust
22
star
24

rust_mips_nt4

Rust development environment for MIPS on NT4
Rust
19
star
25

aflbench

An AFL scaling benchmarking tool
Python
18
star
26

flounder

Flounder is an old corpus collector I wrote, but it still works. Just need a Bing API key
Python
18
star
27

pdblister

Faster version of `symchk /om` for generating PDB manifests of offline machines
Rust
18
star
28

gamozolabs.github.io

Apparently this maybe blogs or something?
Ruby
16
star
29

fuzzyneural

A neural network using fuzzing-style feedback rather than back-propagation
Rust
16
star
30

vectorized_emulation_recon_2019

Gave a talk on Vectorized emulation at Recon Montreal 2019, here are the slides
16
star
31

cuddly_kangaroo

A static website generator that embeds all images as base64, and thus can be used with a single resource.
Rust
15
star
32

snuffles

A high-performance graphics API designed mainly for data visualization
Rust
15
star
33

hellscape

Playground for testing feedback
Assembly
14
star
34

helicopter_game

This is uhh, a "clone" of the helicopter game
Rust
13
star
35

canon_pixma_mx492

Reverse engineering project on stream
Rust
13
star
36

coverage_highlight

A very simple coverage highlighter for VIM
Python
12
star
37

freetype_harness

Definitely not for fuzzing
Rust
11
star
38

qemu_chrooter

Take a QEMU binary, copy the dependencies into a chroot
Rust
11
star
39

bridengroom

Windows Heap Loggin'
Rust
11
star
40

statusbar

A DWM status that shows the MPD playing song and the current datetime in milliseconds
Rust
10
star
41

libprocmem

A simple /proc/<pid>/{mem,maps} library for Rust
Rust
9
star
42

fuzztheory

A project for simulating fuzzing such that analysis can be done on coverage/feedback/scaling mechanisms
Rust
9
star
43

safecast

Safe casting in Rust!
Rust
7
star
44

ffmpegged

Uhh, trying to make encoding actually use cores
Rust
7
star
45

coff_nm

`nm` and `addr2line` but for DI "debug-info" COFF files
Rust
7
star
46

streamwrite

Benchmarking sequential i32 stores
Rust
6
star
47

teraflopter420

A helicoptor game engine with perf
Rust
6
star
48

bochs_determinism_test

Used to run 2 Bochs instances in lockstep to verify they do the same things
C++
5
star
49

noodle

A non-procedrual Rust serialization and deserialization library
Rust
4
star
50

fork_benchmarking

I get asked about this a lot
Rust
4
star
51

lossless_compression_tutorial

An old tutorial I wrote during class about 10 years ago. It's probably bad, don't use it.
3
star
52

server_simulator_2020

Simulates servers to find the best server to run for the cost
Rust
3
star
53

OnorineAutoCandy

An automated WoW chocolate addon
Lua
3
star
54

simple_slope_viewer

A basic 3d model viewer with a fly-based model. Designed for exploring WoW collision maps
Rust
2
star
55

font_test

Font test do not use ever
Rust
2
star
56

gamlang

Some ancient programming language I thought was a good idea
C
2
star
57

wow_priest_theorycraftin

Here we use supercomputers to optimize WoW characters, why not
Rust
1
star
58

onorine_jumps

A WoW addon for helping with doing tricky jumps and exploring
Lua
1
star
59

triangle_test

Testing triangles
Rust
1
star
60

ErannaAuctions

Dumping ground for auction data harvesting
Lua
1
star
61

FishingBuddy

The FishingBuddy addon for Classic WoW, but with per-hour stat tracking
Lua
1
star
62

speculation_data

Just some random data from an observed speculative session on Kaby Lake
Gnuplot
1
star
63

wow_classic_manatick_reversing

Trying to figure out exactly how mana ticks work in WoW vanilla
Lua
1
star