Does Atheris require a specific operating system?

Atheris supports 32-bit and 64-bit Linux and macOS. Linux is highly recommended for easier dependency management and faster execution.

How does Atheris differ from property-based testing like Hypothesis?

Atheris is a fuzzer focused on finding crashes and security flaws through coverage guidance, while Hypothesis is a property-based testing tool focused on functional correctness.

What is Atheris best used for?

Atheris is ideal for finding security vulnerabilities and edge-case bugs in pure Python code and native C extensions using coverage-guided feedback.

Can Atheris detect memory corruption in Python?

While pure Python is generally memory-safe, Atheris detects memory corruption in C extensions by using integrated AddressSanitizer (ASan) support.

Is manual instrumentation required for Atheris?

Yes, you must instrument your code using decorators like @atheris.instrument_func or context managers like atheris.instrument_imports() to provide the fuzzer with coverage data.

Atheris Python Fuzzer

Name: Atheris Python Fuzzer
Author: trailofbits

bytrailofbits

•

938

•

セキュリティとテスト

Perform coverage-guided fuzz testing for pure Python code and C extensions to detect security vulnerabilities and memory corruption.

Atheris is a high-performance security research tool that brings coverage-guided fuzzing to the Python ecosystem. Built on libFuzzer, it allows developers to systematically explore execution paths in both pure Python scripts and native C extensions. By integrating AddressSanitizer, Atheris excels at uncovering memory corruption bugs and unexpected crashes that traditional unit tests might miss. It is an essential capability for security auditing, vulnerability research, and hardening critical Python-based infrastructure against malicious inputs.

主な機能

01938 GitHub stars

02Coverage-guided fuzzing based on the libFuzzer engine

03Automated code instrumentation via decorators and context managers

04Support for both pure Python and native Python C extensions

05Efficient corpus management and minimization support

06Integrated AddressSanitizer (ASan) for memory corruption detection

ユースケース

01Auditing Python C extensions for memory safety vulnerabilities

02Automating security research and vulnerability discovery in third-party libraries

03Stress testing complex data parsers and protocol implementations

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add trailofbits/skills atheris

For use in Claude.ai and ChatGPT

Download Skill