About

Sydr is a dynamic symbolic execution tool that explores new paths and enables error detection. Sydr uses DynamoRIO for concrete execution and Triton for symbolic execution.

Sydr-Fuzz is a dynamic analysis tool for security development lifecycle. It combines fuzzing (libFuzzer, AFL++) with the power of dynamic symbolic execution (Sydr). Sydr-Fuzz implements the following fuzzing pipeline:

• Hybrid fuzzing with Sydr and libFuzzer/AFL++; coverage-guided Python (Atheris), Java (Jazzer) and JavaScript (Jazzer.js) fuzzing: sydr-fuzz run
• Corpus minimization: sydr-fuzz cmin
• Error detection (out of bounds, integer overflow, numeric truncation, division by zero, etc.) via symbolic security predicates: sydr-fuzz security
• Collecting coverage: sydr-fuzz cov-html
• Triaging, deduplication, and clustering of crashes and Undefined Behavior Sanitizer errors with Casr, and later upload of new and unique reports to DefectDojo: sydr-fuzz casr --ubsan --url <URL>

Our mission is discovering new bugs in open source projects via hybrid fuzzing (OSS-Sydr-Fuzz). We already found a significant number of trophies. Moreover, we compare Sydr-Fuzz with existing fuzzers.

Sydr-Fuzz supports multiple programming languages including C/C++ (libFuzzer/AFL++), Rust (cargo-fuzz/afl.rs), Go (go-fuzz), Python (Atheris), and Java (Jazzer). All languages except Python and Java support symbolic execution with Sydr.

Guides

• C/C++: Fuzzing xlnt project with sydr-fuzz for fun and profit (libFuzzer) [english] [russian]
• C/C++: Fuzzzing FreeImage project with Sydr and AFLplusplus [english] [russian]
• Rust: Fuzzing goblin (Rust) project with Sydr and AFLplusplus [english] [russian]
• Python: Fuzzing ruamel-yaml (Python) project with sydr-fuzz (Atheris backend) [english] [russian]
• Go: Fuzzing golang/image (Go) project with sydr-fuzz (go-fuzz backend) [english] [russian]
• Java: Fuzzing json‐sanitizer (Java) project with sydr‐fuzz (Jazzer backend) [english] [russian]
• JavaScript: Fuzzing fast-xml-parser (JavaScript) project with sydr-fuzz (Jazzer.js backend) [english] [russian]
• C#: Fuzzing YamlDotNet project with sydr‐fuzz (AFL and Sharpfuzz backend) [english] [russian]

Open Source Projects

• OSS-Sydr-Fuzz: Hybrid Fuzzing for Open Source Software
• CASR: Crash Analysis and Severity Report
• gdb-command: Rust Library for Manipulating GDB in Batch Mode
• Juliet C/C++ Dynamic Test Suite: Evaluating Dynamic Analysis Tools on Juliet
• sydr-benchmark: Benchmarking Dynamic Symbolic Execution

Publications and Talks

• Vishnyakov A., Fedotov A., Kuts D., Novikov A., Parygina D., Kobrin E., Logunova V., Belecky P., Kurmangaleev Sh. Sydr: Cutting Edge Dynamic Symbolic Execution. 2020 Ivannikov ISPRAS Open Conference. [paper] [slides] [video]
• Fedotov A.N., Kurmangaleev Sh.F. CASR: core dump analysis and severity reporter tool. Proceedings of ISP RAS, 2020. [russian paper]
• Kuts D. Towards Symbolic Pointers Reasoning in Dynamic Symbolic Execution. 2021 Ivannikov Memorial Workshop. [paper] [slides]
• Vishnyakov A., Logunova V., Kobrin E., Kuts D., Parygina D., Fedotov A. Symbolic Security Predicates: Hunt Program Weaknesses. 2021 Ivannikov ISPRAS Open Conference. [paper] [slides] [russian video]
• Savidov G., Fedotov A. Casr-Cluster: Crash Clustering for Linux Applications. 2021 Ivannikov ISPRAS Open Conference. [paper] [slides]
• Kobrin E., Vishnyakov A., Fedotov A. Hybrid Fuzzing of TensorFlow Machine Learning Framework. MITSOBI 2022. [russian slides]
• Vishnyakov A.V., Kobrin E.A., Fedotov A.N. Error detection in binary code with dynamic symbolic execution. Proceedings of ISP RAS, 2022. [russian paper] [russian slides]
• Fedotov A. Sydr: Dynamic Analysis Technology. IVMEM 2022 Plenum. [russian slides] [russian video]
• Fedotov A. Sydr: SDL for Artificial Intelligence. IVMEM 2022 Plenum. [russian slides] [russian video]
• Parygina D., Vishnyakov A., Fedotov A. Strong Optimistic Solving for Dynamic Symbolic Execution. 2022 Ivannikov Memorial Workshop. [paper] [slides] [russian video]
• Fedotov A. Sydr: Hybrid Fuzzing. IVMEM 2022 Cybersecurity Round Table. [russian slides]
• Fedotov A. Sydr & CASR: Dynamic Analysis for SDL. ISPRAS Open 2022 Trusted Software Development. [russian slides]
• Fedotov A. Development of Trusted Machine Learning Frameworks. ISPRAS Open 2022 Trusted AI. [russian slides] [russian video]
• Vishnyakov A., Kuts D., Logunova V., Parygina D., Kobrin E., Savidov G., Fedotov A. Sydr-Fuzz: Continuous Hybrid Fuzzing and Dynamic Analysis for Security Development Lifecycle. 2022 Ivannikov ISPRAS Open Conference. [paper] [slides] [russian video]
• Vishnyakov A. Error detection in binary code with dynamic symbolic execution. PhD thesis. [russian thesis] [russian synopsis] [russian slides]
• Fedotov A., Vishnyakov A. CASR: Your Life Vest in a Sea of Crashes. OFFZONE 2023. [slides] [russian video]
• Padaryan V., Stepanov V., Vishnyakov A. Fuzzing for SDL: Select, Cover, Reveal. OFFZONE 2023. [slides] [russian video]
• Mezhuev T., Kobrin I., Vishnyakov A., Kuts D. Numeric Truncation Security Predicate. 2023 Ivannikov ISPRAS Open Conference. [paper] [slides] [russian video]
• Yegorov I., Savidov G.: Crash Report Accumulation During Continuous Fuzzing with CASR. Ivannikov Memorial Workshop 2024, IEEE, 2024. [paper] [slides] [russian video]