TAFuzzer: Effective and Efficient Targeted Fuzzing framework for Smart Contract Vulnerability Detection (CCS2022a Under Review).

Overview

TAFuzzer

An effective and efficient targeted fuzzing framework for smart contract vulnerability detection.

Requirements

TAFuzzer is supported on Linux (ideally Ubuntu 18.04).

Dependencies:

Architecture

$(TAFuzzer)
├── sFuzz
│   ├── fuzzer
│   ├── libfuzzer
│   ├── liboracle
│   └── ...
├── bran
│   └── ...
├── tools
│   ├── requirements.txt
│   └── ...
├── assets
│   ├── ReentrancyAttacker_model.sol
│   ├── ReentrancyAttacker.sol
│   └── ...
├── source_code
│   └── ...
├── contracts
│   └── ...
├── branch_msg
│   └── ...
├── logs
│   └── ...
├── fuzz
├── initial_.sh
├── rename_src.sh
├── run.sh
└── README.md
  • sFuzz: The main fuzzing module of TAFuzzer
  • bran: The abstract interpreter for path analysis
  • tools: The static analysis tools for extracting vulnerability-specific patterns
    • requirements.txt: Required Python dependencies
  • assets:
    • ReentrancyAttacker_model.sol: The template for constructing an attacker contract
    • ReentrancyAttacker.sol: The attacker contract generated from the template
  • source_code: Store the source code of the contract under test
  • contracts/example1: Store the compiled results of the contract under test
  • branch_msg: Store the intermediate representations of the contract under test
  • logs: Store the execution report during fuzzing
  • fuzz: Execute the fuzzer

Quick Start

  • Initialize and install system dependencies
./initial_.sh
  • Create a workspace for the contract under test in the source_code directory
./rename_src.sh
  • Run TAFuzzer and perform vulnerability detection
./run.sh
  • Note: the code is adapted from sFuzz (a state-of-the-art fuzzer for smart contracts) and bran (a static analysis framework for EVM bytecode).

Dataset

We release the benchmark dataset collected from Etherscan, which contains over 12K Ethereum smart contracts and covers eight types of vulnerabilities. Download the benchmark dataset at Smart contract dataset.

Owner
This is a GitHub account that provides anonymous source code or datasets to support submitted papers.