A professional-grade DICOM fuzzing tool for healthcare security testing

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Dashti from gravatar.com Dashti

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: David Dashti
  • Tags cybersecurity , dicom , fuzzing , healthcare , medical-imaging , pacs , security , vulnerability-testing
  • Requires: Python >=3.11
  • Provides-Extra: all , distributed , metrics , network , security , viz
Classifiers
Report project as malware

Project description

DICOM Fuzzer

Mutation-based fuzzer for robustness testing of DICOM medical imaging viewers and parsers. Generates malformed DICOM files and feeds them into target applications to find crashes and vulnerabilities.

CI Python 3.11+ License: MIT

Installation

git clone https://github.com/Dashtid/DICOM-Fuzzer.git
cd DICOM-Fuzzer
uv sync
source .venv/bin/activate  # or .venv\Scripts\activate on Windows

# Optional (for target testing, crash analysis, and reports)
pip install psutil minidump tqdm rich matplotlib jinja2 pywinauto

Quick Start

# Generate 100 fuzzed DICOM files
dicom-fuzzer input.dcm -c 100 -o ./artifacts/output

# Fuzz and test against a target viewer
dicom-fuzzer input.dcm -c 1000 -t ./viewer.exe --timeout 10

# Generate seed corpus for AFL/WinAFL
dicom-fuzzer generate-seeds input.dcm -c 500 -o ./seeds/

Features

Fuzzing

  • Format fuzzing (production): 19 single-file mutation strategies targeting VR types, pixel data, sequences, encoding, and modality-specific tags
  • Modality-specific fuzzers: SEG, RTSS, RT Dose, NM, PET, Encapsulated PDF, Pixel Reencoding
  • Target scope filtering (--target-type viewer|web|pacs)
  • Multiframe fuzzing (WIP): 10 strategies for enhanced imaging objects -- functional groups, frame counts, dimension indices
  • Series/study fuzzing (WIP): cross-series geometry, temporal ordering, patient consistency
  • Network protocol fuzzing (WIP): PDU construction, DIMSE commands, state machine, TLS

Analysis

  • Automatic crash detection and deduplication
  • Crash triaging with severity and exploitability scoring
  • Test case minimization
  • Corpus management
  • HTML campaign reports with per-strategy hit rates

Integration

  • CLI with 14 subcommands
  • Python API for custom workflows
  • Docker container for isolated execution
  • CI/CD compatible

CLI Reference

dicom-fuzzer --help                 # Main fuzzing campaign
dicom-fuzzer target --help          # Target testing
dicom-fuzzer generate-seeds --help  # Seed corpus generation
dicom-fuzzer sanitize --help        # Strip PHI from seed files
dicom-fuzzer replay --help          # Decompose fuzzed files
dicom-fuzzer report --help          # Report generation
dicom-fuzzer triage --help          # Crash triaging
dicom-fuzzer corpus --help          # Corpus management

See docs/CLI_REFERENCE.md for full command documentation.

Python API

from dicom_fuzzer.core.mutation.mutator import DicomMutator
import pydicom

mutator = DicomMutator()
dataset = pydicom.dcmread("input.dcm")

for i in range(100):
    fuzzed = mutator.apply_mutations(dataset)
    fuzzed.save_as(f"artifacts/output/fuzz_{i:04d}.dcm")

Project Structure

dicom-fuzzer/
├── dicom_fuzzer/    # Main package
│   ├── attacks/     # Attack modules (format, series, network, multiframe)
│   ├── cli/         # Command-line interface (14 subcommands)
│   ├── core/        # Engine, mutation, corpus, crash analysis, harness, reporting
│   └── utils/       # Logging, hashing, identifiers
├── tests/           # Test suite
├── docs/            # Documentation
└── artifacts/       # Runtime output (gitignored)

Documentation

Security

This tool is for authorized security testing only. See SECURITY.md.

License

MIT - see LICENSE

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Dashti from gravatar.com Dashti

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: David Dashti
  • Tags cybersecurity , dicom , fuzzing , healthcare , medical-imaging , pacs , security , vulnerability-testing
  • Requires: Python >=3.11
  • Provides-Extra: all , distributed , metrics , network , security , viz
Classifiers

Release history Release notifications | RSS feed

1.12.0

1.11.0

This version

1.10.0

1.9.1

1.7.2

1.7.1

1.3.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dicom_fuzzer-1.10.0.tar.gz (1.3 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

dicom_fuzzer-1.10.0-py3-none-any.whl (391.8 kB view details)

Uploaded Python 3

File details

Details for the file dicom_fuzzer-1.10.0.tar.gz.

File metadata

  • Download URL: dicom_fuzzer-1.10.0.tar.gz
  • Upload date:
  • Size: 1.3 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for dicom_fuzzer-1.10.0.tar.gz
Algorithm Hash digest
SHA256 6459f8f433eb6cbdadb581e1162ea5669a08f574a125f7540cfbba5f679231ba
MD5 449921600d3b4862b7f9d369c5495f6c
BLAKE2b-256 d623d19bbfb847e20ba740b1f70e752381367ac04623f2d36ff09abdac60e192

See more details on using hashes here.

Provenance

The following attestation bundles were made for dicom_fuzzer-1.10.0.tar.gz:

Publisher: release.yml on Dashtid/dicom-fuzzer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dicom_fuzzer-1.10.0-py3-none-any.whl.

File metadata

  • Download URL: dicom_fuzzer-1.10.0-py3-none-any.whl
  • Upload date:
  • Size: 391.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for dicom_fuzzer-1.10.0-py3-none-any.whl
Algorithm Hash digest
SHA256 f5486aacb7c474545959a858c2b70a79335a65b5c47d9a2f0d117aea7b9a1527
MD5 20174d338ecb44a0c35e64c07f2ed83c
BLAKE2b-256 9998b490871b04cb01a625c5967fd9062645d78040e15b33f4b588676ea772f7

See more details on using hashes here.

Provenance

The following attestation bundles were made for dicom_fuzzer-1.10.0-py3-none-any.whl:

Publisher: release.yml on Dashtid/dicom-fuzzer

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page