Installing boofuzz
Prerequisites
Boofuzz requires Python ≥ 3.8. Recommended installation requires pip. As a base requirement, the following packages
are needed:
- Ubuntu/Debian
sudo apt-get install python3-pip python3-venv build-essential- OpenSuse
sudo zypper install python3-devel gcc- CentOS
sudo yum install python3-devel gcc
Install
It is strongly recommended to set up boofuzz in a virtual environment (venv). First, create a directory that will hold our boofuzz install:
$ mkdir boofuzz && cd boofuzz
$ python3 -m venv env
This creates a new virtual environment env in the current folder. Note that the
Python version in a virtual environment is fixed and chosen at its creation.
Unlike global installs, within a virtual environment python is aliased to
the Python version of the virtual environment.
Next, activate the virtual environment:
$ source env/bin/activate
Or, if you are on Windows:
> env\Scripts\activate.bat
Ensure you have the latest version of both pip and setuptools:
(env) $ pip install -U pip setuptools
Finally, install boofuzz:
(env) $ pip install boofuzz
To run and test your fuzzing scripts, make sure to always activate the virtual environment beforehand.
From Source
Like above, it is recommended to set up a virtual environment. Depending on your concrete setup, this is largely equivalent to the steps outlined above. Make sure to upgrade
setuptoolsandpiporpoetry.Download the source code. You can either grab a zip from https://github.com/jtpereyda/boofuzz or directly clone it with git:
$ git clone https://github.com/jtpereyda/boofuzz.git
Install with Poetry
Poetry will automatically create a virtual environment for you and install the required dependencies. The installation will be editable by default, meaning that changes to the source code will be seen directly without reinstalling.
Simply execute the following command inside the boofuzz source dir:
$ poetry install
To install with extra dependencies like dev or docs, specify them in one of the following ways:
$ poetry install --extras "dev" $ poetry install -E docs $ poetry install --all-extras
Install with Pip
Run pip from within the boofuzz directory after activating the virtual environment:
$ pip install .
Tips:
Use the
-eoption for developer mode, which allows changes to be seen automatically without reinstalling:$ pip install -e .
To install developer tools (unit test dependencies, test runners, etc.) as well:
$ pip install -e .[dev]
If you’re behind a proxy:
$ set HTTPS_PROXY=http://your.proxy.com:port
If you’re planning on developing boofuzz itself, you can save a directory and create your virtual environment after you’ve cloned the source code (so
env/is within the main boofuzz directory).
Extras
process_monitor.py
The process monitor is a tool for detecting crashes and restarting an application on Windows or Linux. While boofuzz typically runs on a different machine than the target, the process monitor must run on the target machine itself.
network_monitor.py
The network monitor was Sulley’s primary tool for recording test data, and has been replaced with boofuzz’s logging mechanisms. However, some people still prefer the PCAP approach.
Note
The network monitor requires Pcapy and Impacket, which will not be automatically installed with boofuzz. You can
manually install them with pip install pcapy impacket.
If you run into errors, check out the Pcapy requirements on the project page.