A professional-grade DICOM fuzzing tool for healthcare security testing
DICOM Fuzzer
Mutation-based fuzzer for robustness testing of DICOM medical imaging viewers and parsers. Generates malformed DICOM files and feeds them into target applications to find crashes and vulnerabilities.
Installation
git clone https://github.com/Dashtid/DICOM-Fuzzer.git
cd DICOM-Fuzzer
uv sync
source .venv/bin/activate # or .venv\Scripts\activate on Windows
Quick Start
# Generate 100 fuzzed DICOM files
dicom-fuzzer input.dcm -c 100 -o ./artifacts/output
# Fuzz and test against a target viewer
dicom-fuzzer input.dcm -c 1000 -t ./viewer.exe --timeout 10
# Generate seed corpus for AFL/WinAFL
dicom-fuzzer generate-seeds input.dcm -c 500 -o ./seeds/
Features
Fuzzing
- 28 mutation strategies across 4 tiers: metadata, structure/encoding, pixel/modality-specific, multi-frame
- 18 format fuzzers (generic + modality-specific: SEG, RTSS, RT Dose, NM, PET, Encapsulated PDF)
- 10 multiframe strategies (frame count, temporal, dimensional, encapsulated pixel)
- 3D series fuzzing (CT/MRI volumetric data)
- Study-level cross-series attacks
- Network protocol fuzzing (DIMSE, TLS) -- experimental
Analysis
- Automatic crash detection and deduplication
- Crash triaging with severity and exploitability scoring
- Test case minimization
- Corpus management
- HTML campaign reports with per-strategy hit rates
Integration
- CLI with 11 subcommands
- Python API for custom workflows
- Docker container for isolated execution
- CI/CD compatible
CLI Reference
dicom-fuzzer --help # Main fuzzing campaign
dicom-fuzzer target --help # Target testing
dicom-fuzzer generate-seeds --help # Seed corpus generation
dicom-fuzzer report --help # Report generation
dicom-fuzzer corpus --help # Corpus management
dicom-fuzzer tls --help # TLS/auth testing
See docs/CLI_REFERENCE.md for full command documentation.
Python API
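from pathlib import Path

import pydicom
from dicom_fuzzer.core.mutation.mutator import DicomMutator

# Make sure the output directory exists before writing into it
out_dir = Path("artifacts/output")
out_dir.mkdir(parents=True, exist_ok=True)

mutator = DicomMutator()
dataset = pydicom.dcmread("input.dcm")
for i in range(100):
    fuzzed = mutator.apply_mutations(dataset)
    fuzzed.save_as(str(out_dir / f"fuzz_{i:04d}.dcm"))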
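The "fuzz and test against a target" step and the crash deduplication listed under Analysis can be illustrated with a small standard-library harness. This is an added example, not dicom-fuzzer's own implementation: `STUB_TARGET`, `run_case`, `triage`, `demo` and the sample files are constructed for illustration, and signal detection assumes a POSIX host.

```python
import signal
import subprocess
import sys
import tempfile
from collections import defaultdict
from pathlib import Path

# Constructed stand-in for a viewer binary (not a real target).
STUB_TARGET = r"""
import os, signal, sys, time
data = open(sys.argv[1], "rb").read()
if data[128:132] != b"DICM": sys.exit("not a DICOM file")  # clean rejection
if b"HANG" in data: time.sleep(60)                          # simulated hang
if b"BOOM" in data:
    print("in pixel decoder", file=sys.stderr, flush=True)
    os.kill(os.getpid(), signal.SIGSEGV)                    # simulated crash
"""

def run_case(target_cmd, case, timeout):
    """Return a bucket key for a failure, or None if the target coped."""
    try:
        proc = subprocess.run([*target_cmd, str(case)], capture_output=True, timeout=timeout)
    except subprocess.TimeoutExpired:
        return ("hang", "")
    if proc.returncode >= 0:
        return None  # clean exit or clean rejection is not a finding
    # POSIX: negative code = killing signal; last stderr line stands in for a stack hash.
    lines = proc.stderr.decode(errors="replace").strip().splitlines()
    return (signal.Signals(-proc.returncode).name, lines[-1] if lines else "")

def triage(target_cmd, corpus_dir, timeout=10.0):
    """Group failing inputs so each distinct failure is reported once."""
    buckets = defaultdict(list)
    for case in sorted(Path(corpus_dir).glob("*.dcm")):
        key = run_case(target_cmd, case, timeout)
        if key is not None:
            buckets[key].append(case.name)
    return dict(buckets)

def demo():
    head = b"\x00" * 128 + b"DICM"  # 128-byte preamble plus magic
    corpus = {"ok.dcm": head, "junk.dcm": b"junk", "hang.dcm": head + b"HANG",
              "crash_a.dcm": head + b"BOOM", "crash_b.dcm": head + b"\xff\xffBOOM"}
    with tempfile.TemporaryDirectory() as tmp:
        for name, blob in corpus.items():
            (Path(tmp) / name).write_bytes(blob)
        return triage([sys.executable, "-c", STUB_TARGET], tmp, timeout=3.0)

if __name__ == "__main__":
    print(demo())
```

The two crashing files land in one bucket because they die on the same signal with the same last stderr line, while the file with a bad magic is rejected cleanly and is not reported.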
Project Structure
dicom-fuzzer/
├── dicom_fuzzer/ # Main package
│ ├── attacks/ # Attack modules (format, series, network, multiframe)
│ ├── cli/ # Command-line interface (11 subcommands)
│ ├── core/ # Engine, mutation, corpus, crash analysis, harness, reporting
│ └── utils/ # Logging, hashing, identifiers
├── tests/ # Test suite
├── docs/ # Documentation
└── artifacts/ # Runtime output (gitignored)
Documentation
Security
This tool is for authorized security testing only. See SECURITY.md.
License
MIT - see LICENSE
File details
Details for the file dicom_fuzzer-1.9.1.tar.gz.
File metadata
- Download URL: dicom_fuzzer-1.9.1.tar.gz
- Upload date:
- Size: 876.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 0113e051430d3794432caabf64bcea9350821dec25f76490518593913d18f54b |
| MD5 | 3d21309df0e48d8d078ab0a03763fad4 |
| BLAKE2b-256 | 047bc72a8f9c65425858260e7167d31569460de419186b6b01416d09020ad2cc |
Provenance
The following attestation bundles were made for dicom_fuzzer-1.9.1.tar.gz:
Publisher: release.yml on Dashtid/dicom-fuzzer
Statement:
- Statement type: https://in-toto.io/Statement/v1
- Predicate type: https://docs.pypi.org/attestations/publish/v1
- Subject name: dicom_fuzzer-1.9.1.tar.gz
- Subject digest: 0113e051430d3794432caabf64bcea9350821dec25f76490518593913d18f54b
- Sigstore transparency entry: 1110065623
- Sigstore integration time:
- Permalink: Dashtid/dicom-fuzzer@8cb0e58e575615c6f0dfdd9b122330ca29831d0a
- Branch / Tag: refs/tags/v1.9.1
- Owner: https://github.com/Dashtid
- Access: public
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: release.yml@8cb0e58e575615c6f0dfdd9b122330ca29831d0a
- Trigger Event: push
File details
Details for the file dicom_fuzzer-1.9.1-py3-none-any.whl.
File metadata
- Download URL: dicom_fuzzer-1.9.1-py3-none-any.whl
- Upload date:
- Size: 359.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 378a9fcd9cd54ee7eb321a8956dfb6972a5c04ac00efe50fb687824892aa67b4 |
| MD5 | a3db47c3cf1c07910c309ded24df50e8 |
| BLAKE2b-256 | 6fb20c57de2beea8be51d479ec5ce796b0872bd2446540214904e5f19b126ce2 |
Provenance
The following attestation bundles were made for dicom_fuzzer-1.9.1-py3-none-any.whl:
Publisher: release.yml on Dashtid/dicom-fuzzer
Statement:
- Statement type: https://in-toto.io/Statement/v1
- Predicate type: https://docs.pypi.org/attestations/publish/v1
- Subject name: dicom_fuzzer-1.9.1-py3-none-any.whl
- Subject digest: 378a9fcd9cd54ee7eb321a8956dfb6972a5c04ac00efe50fb687824892aa67b4
- Sigstore transparency entry: 1110065634
- Sigstore integration time:
- Permalink: Dashtid/dicom-fuzzer@8cb0e58e575615c6f0dfdd9b122330ca29831d0a
- Branch / Tag: refs/tags/v1.9.1
- Owner: https://github.com/Dashtid
- Access: public
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: release.yml@8cb0e58e575615c6f0dfdd9b122330ca29831d0a
- Trigger Event: push