ityfuzz
Blazing Fast Bytecode-Level Hybrid Fuzzer for Smart Contracts
I've been looking to add in a middleware that does contract analysis whenever new code is discovered. I looked for similar ideas that already are in the codebase, but many...
Ityfuzz selects mutators on random chance. There are two hyperparameters that can affect overall mutation: - MAX_STACK_POW (used in libafl to determine how many times in a row to mutate...
Since the EVM is stateful, and all interesting things onchain occur during a stateful operation, what if we targeted those during the fuzz run? There is some research around targeting...
The release workflow has failed. Some or all binaries might have not been published correctly. Check the [release workflow page](https://github.com/fuzzland/ityfuzz/actions/runs/14743764995) for details. This issue was raised by the workflow...
Get corpus from tx_hash: `cargo run evm -p "eth" -b 20173909 -t "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,0x3fc91a3afd70395cd496c647d5a6cc9d4b2b7fad" -l "0xf66049169baaf5dc095d74ef19206e045b744a0f4eb760745e1c21ef32040f20"`
When running ItyFuzz against an on-chain deployed CTF, I encountered the following error: ```ERROR failed to fetch from https://polygon.llamarpc.com thread 'main' panicked at src/evm/onchain/endpoints.rs:791:29: fail to get block timestamp note:...
I ran the following command. `ityfuzz evm -t 0x68EB5c749a90b195F8723414d9f5E1ae273f59E1,0x55d398326f99059fF775485246999027B3197955,0x17269a3CACB6eA16FE5137eC3ccBde00A6A97668 -f -c bsc -d erc20 --onchain-etherscan-api-key ` And got the following result. ``` 😊😊 Found vulnerabilities! ================ Description ================ [Fund Loss]:...
Comparing my 'regular' PC (16 cores) against my server (96 cores), there is almost 0 speed profit. What is the decisive factor to run on-chain tests at faster speed?
Hello, this pull request fixes a problem with initial balance when making a call. `self.next_slot` will contain the actual balance of the `receiver` address only if there was a prior...
How to fuzz unverified contract? In this case, I only have ABI and bytecode of the contract 1. file Contract.abi 2. file Contract.bytecode Something like this? ityfuzz evm --bytecode-file Contract.bytecode...