fe50d4ef72
This commit implements a complete Python fuzzing workflow using Atheris: ## Python Worker (workers/python/) - Dockerfile with Python 3.11, Atheris, and build tools - Generic worker.py for dynamic workflow discovery - requirements.txt with temporalio, boto3, atheris dependencies - Added to docker-compose.temporal.yaml with dedicated cache volume ## AtherisFuzzer Module (backend/toolbox/modules/fuzzer/) - Reusable module extending BaseModule - Auto-discovers fuzz targets (fuzz_*.py, *_fuzz.py, fuzz_target.py) - Recursive search to find targets in nested directories - Dynamically loads TestOneInput() function - Configurable max_iterations and timeout - Real-time stats callback support for live monitoring - Returns findings as ModuleFinding objects ## Atheris Fuzzing Workflow (backend/toolbox/workflows/atheris_fuzzing/) - Temporal workflow for orchestrating fuzzing - Downloads user code from MinIO - Executes AtherisFuzzer module - Uploads results to MinIO - Cleans up cache after execution - metadata.yaml with vertical: python for routing ## Test Project (test_projects/python_fuzz_waterfall/) - Demonstrates stateful waterfall vulnerability - main.py with check_secret() that leaks progress - fuzz_target.py with Atheris TestOneInput() harness - Complete README with usage instructions ## Backend Fixes - Fixed parameter merging in REST API endpoints (workflows.py) - Changed workflow parameter passing from positional args to kwargs (manager.py) - Default parameters now properly merged with user parameters ## Testing ✅ Worker discovered AtherisFuzzingWorkflow ✅ Workflow executed end-to-end successfully ✅ Fuzz target auto-discovered in nested directories ✅ Atheris ran 100,000 iterations ✅ Results uploaded and cache cleaned
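# Workflow metadata for the Atheris-based Python fuzzing workflow.
# Nesting restored: in the flattened listing every key sat at column 0, which
# parses as duplicate top-level keys (`type`, `properties`, `description`)
# and detaches `tools`/`resources` from `requirements`.
name: atheris_fuzzing
version: "1.0.0"
# Routing key; the commit description states `vertical: python` is used for
# routing this workflow.
vertical: python
description: "Fuzz Python code using Atheris with real-time monitoring. Automatically discovers and fuzzes TestOneInput() functions in user code."
author: "FuzzForge Team"
category: "fuzzing"
tags:
  - "fuzzing"
  - "atheris"
  - "python"
  - "coverage"
  - "security"

# Only read-only is offered. This workflow loads and runs TestOneInput() from
# user-supplied code, so keep it that way unless a writable target is required.
# NOTE(review): presumably this is the mount mode of the target volume; confirm
# that the worker actually mounts it read-only.
supported_volume_modes:
  - "ro"

default_volume_mode: "ro"
default_target_path: "/workspace"

requirements:
  tools:
    - "atheris_fuzzer"
  # Resource envelope for a run. These are the only limits visible in this file
  # for a job that executes user code.
  # NOTE(review): `timeout` is presumably in seconds (cf. timeout_seconds
  # below); confirm where memory/cpu/timeout are enforced.
  resources:
    memory: "512Mi"
    cpu: "500m"
    timeout: 3600

# NOTE(review): the meaning of this flag is not shown here; confirm it does not
# weaken isolation of the user code being fuzzed.
has_docker: false

# Defaults that get merged with user-supplied parameters. They repeat the
# `default:` values under parameters.properties; keep the two in sync.
default_parameters:
  # NOTE(review): null here, but the schema below declares `type: string`. If
  # merged parameters are schema-validated, null would be rejected; confirm.
  target_file: null
  max_iterations: 100000
  timeout_seconds: 300

# JSON-Schema-style description of the parameters a caller may supply.
parameters:
  type: object
  properties:
    # Caller-controlled path to a file that the fuzzer module loads and runs.
    # NOTE(review): confirm the module resolves it inside default_target_path
    # and rejects absolute paths and `..` components.
    target_file:
      type: string
      description: "Python file with TestOneInput() function (auto-discovered if not specified)"
    # No minimum/maximum is declared for either integer below, so the schema
    # accepts zero, negative and arbitrarily large values.
    # NOTE(review): consider explicit bounds, and confirm requirements.resources
    # caps a run regardless of these values.
    max_iterations:
      type: integer
      default: 100000
      description: "Maximum fuzzing iterations"
    timeout_seconds:
      type: integer
      default: 300
      description: "Fuzzing timeout in seconds (5 minutes)"

# Shape of the result document produced by the workflow.
output_schema:
  type: object
  properties:
    findings:
      type: array
      description: "Crashes and vulnerabilities found during fuzzing"
      items:
        type: object
        properties:
          title:
            type: string
          # severity and category are free-form strings; no enum is declared,
          # so consumers must not assume a fixed vocabulary.
          severity:
            type: string
          category:
            type: string
          # Unconstrained object. It may carry data from the fuzzed target;
          # treat it as untrusted when rendering or storing it.
          metadata:
            type: object
    summary:
      type: object
      description: "Fuzzing execution summary"
      properties:
        total_executions:
          type: integer
        crashes_found:
          type: integer
        # NOTE(review): unit not stated here; presumably seconds.
        execution_time:
          type: number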