Swift-based fuzzing tools

Overview

swiftfuzztools

The Mac is changing. We've long had a platform where out-of-the-box we were able to compile and run tools in a variety of languages. Over the years the evolving security posture has us moving from a POSIX-compliant platform capable of being used for widespread security research to a sandboxed operating system. And yet we need to be able to perform basic security research on a machine in an unaltered state.

Many applications now use a web or rest-based exchange of information. However, legacy tools and others still rely on socket comms. Thus we need to be able to interrogate, establish communications, and test the security of those using native Apple technologies. These tools are meant to provide ways for security researchers to borrow components for use in their own tools.

Directories/Files in this project

• Fuzz Xcode Project: Xcode project (w/ swift package) that is the later evolution of the fuzz_SwiftLibrary

• buff Xcode Project: Xcode project (w/ swift package) to send a custom stream (see badchars for ascii)

• Portscan Xcode Project: Xcode project to replicate the built-in stroke functionality in macos

• Tabler Xcode Project: Xcode project to list sqlite tables and their columns from a .db file

• executable binaries: Stand-alone executables that can run from the above projects

• badchars: ascii characters known to break code/stream execution

Related(ish) Projects

Many of these need to be converted/modernized but lay the framework for poking around at this and that, here and there:

https://github.com/krypted/contentblockblock: another project used to test bypassing SFContentBlockerManager

https://github.com/krypted/DisplayPush: another project used to investigate URIs in APNs

• https://github.com/krypted/Word-Replacer-Safari-Extension: another project for Safari Extensions

https://github.com/krypted/JSONhashandvalidate: json hashing services

• https://github.com/krypted/lightweightrecommender: Simple recommender for pipelining fuzzing results to a machine learning framework

• https://github.com/krypted/lightweightcategorizer: Categorizing machine learning sample to pipeline results to/from

• https://github.com/krypted/mobileconfigsigner: Signs mobileconfigs for further localized testing options

https://github.com/krypted/shortcutter: Used to automate iOS "Shortcuts" testing

• https://github.com/krypted/maccvecheck: Lookup cves on a Mac

https://github.com/krypted/looto: Opposite of otool - looks up dependencies

https://github.com/krypted/ipasign: re-signs an .ipa bundle

Assets From Other Developers/Researchers

• https://github.com/danielmiessler/SecLists/blob/master/Fuzzing/big-list-of-naughty-strings.txt Strings for fuzzing that can be dropped in this project

https://www.matteomalvica.com/tutorials/buffer_overflow/ One of many fuzzing journeys using the common python options (shorter than most so thought it might be easier to follow along with)

• Domato: A DOM fuzzer from Google Project Zero https://github.com/googleprojectzero/domato

You might also like...
CCCryptor (AES encryption) wrappers for iOS and Mac in Swift. -- For ObjC, see RNCryptor/RNCryptor-objc

RNCryptor Cross-language AES Encryptor/Decryptor data format. The primary targets are Swift and Objective-C, but implementations are available in C, C

Elegant Swift interface to access the CommonCrypto routines

SCrypto [Overview • Requirements • Installation • Usage • Alternatives • Licence] Overview SCrypto provides neat Swift interface to access the CommonC

Simple and secure hashing in Swift with the SipHash algorithm

SipHash ⚠️ WARNING This package has been obsoleted by the Hasher type and the Hashable.hash(into:) requirement introduced in Swift 4.2. Using this pac

Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.
Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.

KeychainAccess KeychainAccess is a simple Swift wrapper for Keychain that works on iOS and OS X. Makes using Keychain APIs extremely easy and much mor

A simple Swift Keychain Wrapper for iOS, watchOS, and OS X.

Latch A simple Swift 2.0 Keychain Wrapper for iOS, watchOS 2, and OS X. Usage A proper example of how to use Latch can be seen in the tests. import La

A simple wrapper for the iOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift.

SwiftKeychainWrapper A simple wrapper for the iOS / tvOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift. Prov

Swift cross-platform crypto library using CommonCrypto/libcrypto

BlueCryptor Swift cross-platform crypto library derived from IDZSwiftCommonCrypto. IMPORTANT NOTE: This release is NOT entirely source code compatible

A powerful, protocol-oriented library for working with the keychain in Swift.

Locksmith A powerful, protocol-oriented library for working with the keychain in Swift. 📱 iOS 8.0+ 💻 Mac OS X 10.10+ ⌚️ watchOS 2 📺 tvOS 🚀 I make

🔒 Swift Obfuscator that protects iOS apps against reverse engineering attacks.
🔒 Swift Obfuscator that protects iOS apps against reverse engineering attacks.

struct fjiovh4894bvic: XbuinvcxoDHFh3fjid { let VNfhnfn3219d: Vnahfi5n34djga func cxncjnx8fh83FDJSDd() - Lghbna2gf0gmh3d { return vPAOSNdcbif

Owner
Charles Edge
Charles Edge
A lightweight stochastic optimizer based on slime mold (Slime Mold Algorithm)

Slime This is a Swift implementation of a Slime Mold Algorithm - a stochastic optimizer - generally based on this paper The only dependency required b

Ethan J 4 Aug 6, 2022
RSA public/private key encryption, private key signing and public key verification in Swift using the Swift Package Manager. Works on iOS, macOS, and Linux (work in progress).

BlueRSA Swift cross-platform RSA wrapper library for RSA encryption and signing. Works on supported Apple platforms (using Security framework). Linux

Kitura 122 Dec 16, 2022
RSA public/private key encryption, private key signing and public key verification in Swift using the Swift Package Manager. Works on iOS, macOS, and Linux (work in progress).

BlueRSA Swift cross-platform RSA wrapper library for RSA encryption and signing. Works on supported Apple platforms (using Security framework). Linux

Kitura 122 Dec 16, 2022
Swift-problem-solving - Swift 알고리즘 맛보기 😋

swift-problem-solving Swift 로 알고리즘 익히기 ?? Programmers 난이도 풀이 문제 바로가기 Lv.2 오픈채팅방 링크 Lv.3 다단계 칫솔 판매 링크 Lv.3 합승 택시 요금 링크 Leetcode 난이도 풀이 문제 바로가기 Medium 1

jegyun 3 Dec 27, 2022
Swift-cuckoo-collections - Cross-platform Swift dictionaries & sets that use a cuckoo hashing algorithm

CuckooCollections A Swift package for open-addressed sets and dictionaries that

Christopher Richez 0 Aug 2, 2022
Helps you define secure storages for your properties using Swift property wrappers.

?? Secure Property Storage Helps you define secure storages for your properties using Swift property wrappers. ?? Features All keys are hashed using S

Alex Rupérez 443 Jan 4, 2023
Swift cross-platform crypto library using CommonCrypto/libcrypto

BlueCryptor Swift cross-platform crypto library derived from IDZSwiftCommonCrypto. IMPORTANT NOTE: This release is NOT entirely source code compatible

Kitura 183 Oct 15, 2022
CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift

CryptoSwift Crypto related functions and helpers for Swift implemented in Swift. (#PureSwift) Note: The master branch follows the latest currently rel

Marcin Krzyzanowski 9.4k Jan 5, 2023
A wrapper for Apple's Common Crypto library written in Swift.

IDZSwiftCommonCrypto A Swift wrapper for Apple's CommonCrypto library. IDZSwiftCommonCrypto works with both CocoaPods and Cathage. For more details on

idz 472 Dec 12, 2022
A framework for the JOSE standards JWS, JWE, and JWK written in Swift.

JOSESwift is a modular and extensible framework for the JOSE standards JWS, JWE, and JWK written in Swift. ?? Please note that this implementation of

Airside Mobile, Inc. 162 Dec 15, 2022