Generation-based, context-free grammar fuzzer.
Project description
Generation-based, context-free grammar fuzzer.
Table of Contents
Run
All roads lead to Rome but Python 3.x is the prefered vehicle.
pip
pip install dharma
dharma --help
pipenv
pipenv install --dev
pipenv run dharma --help
package
python -m dharma --help
Docker
docker build -t dharma .
docker run --rm -it dharma -grammars dharma/grammars/canvas2d.dg
Examples
Generate a single test-case and print it to stdout. Multiple grammars can be appended to the -grammars argument.
dharma -grammars dharma/grammars/canvas2d.dg
Generating multiple test-cases and save the result to disk.
dharma -grammars dharma/grammars/canvas2d.dg -storage . -count 5
Generate test-cases and serve them in a template via WebSocket.
Launch dharma/grammars/var/index.html in the browser after Dharma launched.
dharma -grammars dharma/grammars/canvas2d.dg -server -template grammars/var/templates/html5/default.html
Benchmark the generator.
time dharma -grammars dharma/grammars/canvas2d.dg -count 10000 > /dev/null
Development
PyLint
In case you run PyLint 1.9.2 and Python 3.7 you need to upgrade PyLint.
pip3 install pylint astroid --pre -U
Dharma Grammar Cheatsheet
Comments
%%% comment
Controls
%const% name := value
Sections
%section% := value
%section% := variable
%section% := variance
Extension Methods
Refer to extensions.py in dharma/core/ and to the xref_registry in the DharmaMachine class to add further extensions.
%range%(0-9)
%range%(0.0-9.0)
%range%(a-z)
%range%(!-~)
%range%(0x100-0x200)
%repeat%(+variable+)
%repeat%(+variable+, ", ")
%uri%(path)
%uri%(lookup_key)
%block%(path)
%choice%(foo, "bar", 1)
Assigning Values
digit :=
%range%(0-9)
sign :=
+
-
value :=
+sign+%repeat%(+digit+)
Using Values
+value+
Assigning Variables
variable :=
@variable@ = new Foo();
Using Variables
value :=
!variable!.bar();
Referencing values from common.dg
value :=
attribute=+common:number+
Calling JavaScript library methods
foo :=
Random.pick([0,1]);
API Documentation
Dharma in the Public
Dharma mentionings in the news.
- https://webassembly-security.com/fuzzing-wasm-javascript-dharma-chrome-v8/
- https://www.zerodayinitiative.com/blog/2019/1/31/implementing-fuzz-logics-with-dharma
- http://blog.ret2.io/2018/06/13/pwn2own-2018-vulnerability-discovery/
- https://blog.mozilla.org/security/2015/06/29/dharma/
- https://www.redpacketsecurity.com/dharma-generation-based-context-free-grammar-fuzzing-tool/
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file dharma-1.3.2.tar.gz.
File metadata
- Download URL: dharma-1.3.2.tar.gz
- Upload date:
- Size: 38.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.4.2 requests/2.21.0 setuptools/47.1.1 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/3.8.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 4a16cbe99e7cc685b82d0a77b9f14b51df8a981b0c3f1a2b961eaae089f102e4 |
|
| MD5 | 58fad5fe8740ac0fb3e1207f8cfbdb6c |
|
| BLAKE2b-256 | 92e499bcf9481773b9bee08792d9b8b07e73d1f30286eadec2a5df0ff89ddad7 |
File details
Details for the file dharma-1.3.2-py3-none-any.whl.
File metadata
- Download URL: dharma-1.3.2-py3-none-any.whl
- Upload date:
- Size: 45.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.4.2 requests/2.21.0 setuptools/47.1.1 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/3.8.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 119fde38f77f66082316f22ac48d99034bd123555a8ecb2a5e9c9b4b799aaab5 |
|
| MD5 | e08186b28e0b3a7738025c91be60c09d |
|
| BLAKE2b-256 | 1ce678d85e4b7e8bb0046f024226fc59d43510b04286b8d3ade161e1118dcf86 |
