About
Sydr is a dynamic symbolic execution tool that explores new paths and enables error detection. Sydr uses DynamoRIO for concrete execution and Triton for symbolic execution.
Sydr-Fuzz is a dynamic analysis tool for security development lifecycle. It combines fuzzing (libFuzzer, AFL++) with the power of dynamic symbolic execution (Sydr). Sydr-Fuzz implements the following fuzzing pipeline:
- Hybrid fuzzing with Sydr and libFuzzer/AFL++; coverage-guided Python (Atheris),
Java (Jazzer) and JavaScript (Jazzer.js) fuzzing:
sydr-fuzz run
- Corpus minimization:
sydr-fuzz cmin
- Error detection (out of bounds, integer overflow, numeric truncation, division
by zero, etc.) via
symbolic security predicates:
sydr-fuzz security
- Collecting coverage:
sydr-fuzz cov-html
- Triaging, deduplication, and clustering of crashes and Undefined Behavior
Sanitizer errors with
Casr, and later upload of new and unique
reports to DefectDojo:
sydr-fuzz casr --ubsan --url <URL>
Our mission is discovering new bugs in open source projects via hybrid fuzzing (OSS-Sydr-Fuzz). We already found a significant number of trophies. Moreover, we compare Sydr-Fuzz with existing fuzzers.
Sydr-Fuzz supports multiple programming languages including C/C++ (libFuzzer/AFL++), Rust (cargo-fuzz/afl.rs), Go (go-fuzz), Python (Atheris), and Java (Jazzer). All languages except Python and Java support symbolic execution with Sydr.
Guides
- C/C++: Fuzzing xlnt project with sydr-fuzz for fun and profit (libFuzzer) [english] [russian]
- C/C++: Fuzzzing FreeImage project with Sydr and AFLplusplus [english] [russian]
- Rust: Fuzzing goblin (Rust) project with Sydr and AFLplusplus [english] [russian]
- Python: Fuzzing ruamel-yaml (Python) project with sydr-fuzz (Atheris backend) [english] [russian]
- Go: Fuzzing golang/image (Go) project with sydr-fuzz (go-fuzz backend) [english] [russian]
- Java: Fuzzing json‐sanitizer (Java) project with sydr‐fuzz (Jazzer backend) [english] [russian]
- JavaScript: Fuzzing fast-xml-parser (JavaScript) project with sydr-fuzz (Jazzer.js backend) [english] [russian]
- C#: Fuzzing YamlDotNet project with sydr‐fuzz (AFL and Sharpfuzz backend) [english] [russian]
Open Source Projects
- OSS-Sydr-Fuzz: Hybrid Fuzzing for Open Source Software
- CASR: Crash Analysis and Severity Report
- gdb-command: Rust Library for Manipulating GDB in Batch Mode
- Juliet C/C++ Dynamic Test Suite: Evaluating Dynamic Analysis Tools on Juliet
- sydr-benchmark: Benchmarking Dynamic Symbolic Execution
Publications and Talks
- Vishnyakov A., Fedotov A., Kuts D., Novikov A., Parygina D., Kobrin E., Logunova V., Belecky P., Kurmangaleev Sh. Sydr: Cutting Edge Dynamic Symbolic Execution. 2020 Ivannikov ISPRAS Open Conference. [paper] [slides] [video]
- Fedotov A.N., Kurmangaleev Sh.F. CASR: core dump analysis and severity reporter tool. Proceedings of ISP RAS, 2020. [russian paper]
- Kuts D. Towards Symbolic Pointers Reasoning in Dynamic Symbolic Execution. 2021 Ivannikov Memorial Workshop. [paper] [slides]
- Vishnyakov A., Logunova V., Kobrin E., Kuts D., Parygina D., Fedotov A. Symbolic Security Predicates: Hunt Program Weaknesses. 2021 Ivannikov ISPRAS Open Conference. [paper] [slides] [russian video]
- Savidov G., Fedotov A. Casr-Cluster: Crash Clustering for Linux Applications. 2021 Ivannikov ISPRAS Open Conference. [paper] [slides]
- Kobrin E., Vishnyakov A., Fedotov A. Hybrid Fuzzing of TensorFlow Machine Learning Framework. MITSOBI 2022. [russian slides]
- Vishnyakov A.V., Kobrin E.A., Fedotov A.N. Error detection in binary code with dynamic symbolic execution. Proceedings of ISP RAS, 2022. [russian paper] [russian slides]
- Fedotov A. Sydr: Dynamic Analysis Technology. IVMEM 2022 Plenum. [russian slides] [russian video]
- Fedotov A. Sydr: SDL for Artificial Intelligence. IVMEM 2022 Plenum. [russian slides] [russian video]
- Parygina D., Vishnyakov A., Fedotov A. Strong Optimistic Solving for Dynamic Symbolic Execution. 2022 Ivannikov Memorial Workshop. [paper] [slides] [russian video]
- Fedotov A. Sydr: Hybrid Fuzzing. IVMEM 2022 Cybersecurity Round Table. [russian slides]
- Fedotov A. Sydr & CASR: Dynamic Analysis for SDL. ISPRAS Open 2022 Trusted Software Development. [russian slides]
- Fedotov A. Development of Trusted Machine Learning Frameworks. ISPRAS Open 2022 Trusted AI. [russian slides] [russian video]
- Vishnyakov A., Kuts D., Logunova V., Parygina D., Kobrin E., Savidov G., Fedotov A. Sydr-Fuzz: Continuous Hybrid Fuzzing and Dynamic Analysis for Security Development Lifecycle. 2022 Ivannikov ISPRAS Open Conference. [paper] [slides] [russian video]
- Vishnyakov A. Error detection in binary code with dynamic symbolic execution. PhD thesis. [russian thesis] [russian synopsis] [russian slides]
- Fedotov A., Vishnyakov A. CASR: Your Life Vest in a Sea of Crashes. OFFZONE 2023. [slides] [russian video]
- Padaryan V., Stepanov V., Vishnyakov A. Fuzzing for SDL: Select, Cover, Reveal. OFFZONE 2023. [slides] [russian video]
- Mezhuev T., Kobrin I., Vishnyakov A., Kuts D. Numeric Truncation Security Predicate. 2023 Ivannikov ISPRAS Open Conference. [paper] [slides] [russian video]
- Yegorov I., Savidov G.: Crash Report Accumulation During Continuous Fuzzing with CASR. Ivannikov Memorial Workshop 2024, IEEE, 2024. [paper] [slides] [russian video]