Skip to the content.

About

Sydr is a dynamic symbolic execution tool that explores new paths and enables error detection. Sydr uses DynamoRIO for concrete execution and Triton for symbolic execution.

Sydr-Fuzz is a dynamic analysis tool for security development lifecycle. It combines fuzzing (libFuzzer, AFL++) with the power of dynamic symbolic execution (Sydr). Sydr-Fuzz implements the following fuzzing pipeline:

Our mission is discovering new bugs in open source projects via hybrid fuzzing (OSS-Sydr-Fuzz). We already found a significant number of trophies. Moreover, we compare Sydr-Fuzz with existing fuzzers.

Sydr-Fuzz supports multiple programming languages including C/C++ (libFuzzer/AFL++), Rust (cargo-fuzz/afl.rs), Go (go-fuzz), Python (Atheris), and Java (Jazzer). All languages except Python and Java support symbolic execution with Sydr.

Guides

Open Source Projects

Publications and Talks