Fuzzing with Radamsa

Today we would look at Radamsa, it is a general-purpose, black-box oriented mutating fuzzer. We would be using Radamsa, to generate multiple input files from one single standard file.

Installing Radamsa

Verifying successful installation of tool.

Suppose we are fuzzing the PDF reader and we have one input file (aka corpus) and we want to generate more set of input files to feed as input to Fuzzer (E.g: - AFL) we can leverage Radamsa for this job.

Let's see how to perform above mentioned task.

Kindly prepare 2 folders for input and output. Place the initial seed file in input folder (in our case its emptyX.pdf)

Since we know there are different mutations supported by Radamsa. For demo purpose we would be using one of them.

Below we can see feeding the input file to Radamsa and mentioning the mutation type.

Let's see the content of output directory for generated files.

Also we can see below, Radamsa generated mutated files are with varying file size too.

Happy Hacking !!