Finding security flaws effectively and efficiently in Industrial Control Systems is of great importance as such systems are used in various important industries like nuclear power plants. r0fuzz aims to find security flaws in the hardware network protocols like MODBUS, DNP3 etc.
- Python virtual environment
git clone https://github.com/traboda/r0fuzz.git
cd r0fuzz
pip install virtualenv
virtualenv fuzz_env
source fuzz_env/bin/activate
pip install -r requirements.txt
usage: r0fuzz.py [-h] -t TARGET [-v] [-i IP] [-p PORT] {dumb,mutate,generate} ...
positional arguments:
{dumb,mutate,generate}
dumb Apply dumb fuzzing technique
mutate Apply mutation based fuzzing technique
generate Apply generation based fuzzing technique
options:
-h, --help show this help message and exit
-t TARGET, --target TARGET
target protocol
-v, --verbosity Log level
-i IP, --ip IP Target IP Address
-p PORT, --port PORT Target Port
You can find the demos here.
- Mutation based fuzzing
- Generation-based fuzzing
- Driver module for the collaboration between mutation and generation based fuzzing. (WIP)
- Incorporate other ICS protocols support. (WIP)
- Fuzzing Using Hardware breakpoints. (Work in progress)