A professional-grade DICOM fuzzing tool for healthcare security testing
DICOM Fuzzer
Security testing framework for DICOM medical imaging systems. Identifies vulnerabilities in PACS servers, medical imaging viewers, and DICOM parsers through automated fuzzing.
Installation
git clone https://github.com/Dashtid/DICOM-Fuzzer.git
cd DICOM-Fuzzer
uv sync
source .venv/bin/activate # or .venv\Scripts\activate on Windows
Quick Start
# Basic fuzzing
dicom-fuzzer input.dcm -c 100 -o ./artifacts/output
# With target application testing
dicom-fuzzer input.dcm -c 1000 -t ./viewer.exe --timeout 10
# Generate HTML report
dicom-fuzzer report ./artifacts/output --format html
Features
Fuzzing
- Mutation-based and grammar-aware DICOM fuzzing
- CVE-based security mutations enabled by default (12+ real CVEs)
- Coverage-guided fuzzing with corpus management
- 3D series fuzzing (CT/MRI volumetric data)
- Network protocol fuzzing (DIMSE, TLS)
Analysis
- Automatic crash detection and deduplication
- Crash triaging with severity/exploitability scoring
- Test case minimization (delta debugging)
- Stability tracking for non-deterministic behavior
Integration
- CLI with 10+ subcommands
- Python API for custom workflows
- Docker targets (DCMTK, Orthanc)
- CI/CD pipeline ready
CLI Reference
dicom-fuzzer --help # Main help
dicom-fuzzer fuzz --help # Fuzzing options
dicom-fuzzer report --help # Report generation
dicom-fuzzer corpus --help # Corpus management
dicom-fuzzer tls --help # TLS/auth testing
dicom-fuzzer differential --help # Cross-parser testing
See docs/CLI_REFERENCE.md for full command documentation.
Python API
from dicom_fuzzer.core.mutator import DicomMutator
from dicom_fuzzer.core.fuzzing_session import FuzzingSession
import pydicom

session = FuzzingSession(output_dir="./artifacts/output")
mutator = DicomMutator()

# Load the seed file once, then write 100 mutated variants of it
dataset = pydicom.dcmread("input.dcm")
for i in range(100):
    fuzzed = mutator.mutate(dataset)
    fuzzed.save_as(f"artifacts/output/fuzz_{i:04d}.dcm")

session.save_report()
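
Added example, not part of the project's code or API: the test case minimization (delta debugging) listed under Analysis, applied at DICOM element granularity using only the standard library. `encode`, `toy_viewer`, `crashes`, `ddmin` and the crashing input are constructed for illustration; the encoder assumes short-form Explicit VR Little Endian elements and omits the preamble and file meta header.

```python
import struct

ROWS, BITS = (0x0028, 0x0010), (0x0028, 0x0100)  # Rows, BitsAllocated tags

def encode(elements):
    """Serialize (tag, VR, value) triples as short-form Explicit VR Little Endian."""
    return b"".join(struct.pack("<HH2sH", *tag, vr, len(v)) + v for tag, vr, v in elements)

def toy_viewer(data):
    """Constructed stand-in target: divides by BitsAllocated without checking it."""
    ds, pos = {}, 0
    while pos + 8 <= len(data):
        g, e, _vr, length = struct.unpack_from("<HH2sH", data, pos)
        ds[(g, e)] = data[pos + 8:pos + 8 + length]
        pos += 8 + length
    if ROWS in ds and BITS in ds:
        rows, bits = (struct.unpack("<H", ds[t])[0] for t in (ROWS, BITS))
        return rows * (8 // bits)  # ZeroDivisionError when BitsAllocated == 0

def crashes(elements):
    try:
        toy_viewer(encode(elements))
    except ZeroDivisionError:
        return True
    return False

def ddmin(items, fails):
    """Delta debugging: shrink items while fails(items) stays true."""
    n = 2
    while len(items) >= 2:
        chunk = max(1, len(items) // n)
        subsets = [items[i:i + chunk] for i in range(0, len(items), chunk)]
        for i, sub in enumerate(subsets):
            rest = [x for j, s in enumerate(subsets) if j != i for x in s]
            if fails(sub):
                items, n = sub, 2
                break
            if fails(rest):
                items, n = rest, max(n - 1, 2)
                break
        else:
            if n >= len(items):
                break  # no element can be dropped any more: result is 1-minimal
            n = min(len(items), n * 2)
    return items

# Constructed crashing input: only Rows together with BitsAllocated=0 matters.
CRASHING = [((0x0008, 0x0060), b"CS", b"CT"), ((0x0010, 0x0010), b"PN", b"DOE^JANE"),
            ((0x0010, 0x0020), b"LO", b"12345678"), (ROWS, b"US", b"\x00\x02"),
            ((0x0028, 0x0011), b"US", b"\x00\x02"), (BITS, b"US", b"\x00\x00")]
```

Calling `ddmin(CRASHING, crashes)` reduces the six elements to the Rows and BitsAllocated pair, which is what a triage report needs to show which fields jointly trigger the fault.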
Project Structure
dicom-fuzzer/
├── dicom_fuzzer/ # Main package
├── tests/ # Test suite (2000+ tests)
├── tools/ # Scripts, examples, generators
├── configs/ # Docker, targets, seeds
├── docs/ # Documentation
└── artifacts/ # Runtime output (gitignored)
Documentation
Security
This tool is for authorized security testing only. See SECURITY.md.
License
MIT - see LICENSE
File details
Details for the file dicom_fuzzer-1.7.2.tar.gz.
File metadata
- Download URL: dicom_fuzzer-1.7.2.tar.gz
- Upload date:
- Size: 1.2 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | c3f67aec2a615a58b17edacd6c84257d53e778f0c90141ad855d242d1c36bfe2 |
| MD5 | fccd0ad275b2026f4a40e2ef2790ad3e |
| BLAKE2b-256 | f8eaa58ecee50f59db22db66a929a9b9cf03c1fa61c3c8a038b91b4bd2996d2b |
File details
Details for the file dicom_fuzzer-1.7.2-py3-none-any.whl.
File metadata
- Download URL: dicom_fuzzer-1.7.2-py3-none-any.whl
- Upload date:
- Size: 558.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | c55342d9d608f1bf37ed8c83904d2acfe3053b1e7f6865e38e84edc06a5815d1 |
| MD5 | e32131bbe90ceb087f52f580947fe627 |
| BLAKE2b-256 | 7180f3b907e90309735d6aa8c77d9ebe79c0db91e60b6ca8d488902d800c618a |