Skip to content

fuzzland/geckofuzz

1 Branch0 Tags
This branch is up to date with tonyke-bot/geckofuzz:main.

Folders and files

NameName
Last commit message
Last commit date

Latest commit

jjjutlajjjutla
Update README.md
Jun 17, 2024
c538ecf · Jun 17, 2024

History

40 Commits
backtesting
backtesting
Jun 17, 2024
benches
benches
May 21, 2024
onchain_scripts
onchain_scripts
May 21, 2024
solidity_utils
solidity_utils
May 21, 2024
src
src
Jun 17, 2024
tests
tests
May 21, 2024
ui
ui
May 24, 2024
.DS_Store
.DS_Store
May 24, 2024
.gitignore
.gitignore
May 24, 2024
Cargo.lock
Cargo.lock
May 21, 2024
Cargo.toml
Cargo.toml
May 21, 2024
Dockerfile
Dockerfile
May 24, 2024
Makefile.toml
Makefile.toml
May 21, 2024
README.md
README.md
Jun 17, 2024
onchain_tests.txt
onchain_tests.txt
May 24, 2024
rust-toolchain.toml
rust-toolchain.toml
May 21, 2024
rustfmt.toml
rustfmt.toml
May 21, 2024

Repository files navigation

GeckoFuzz

A Gecko is a small, mostly carnivorous lizard known for feeding off bugs. Similarly, GeckoFuzz is a novel autonomous on-chain EVM smart contract auditing tool combining fuzzing, formal verification and AI to find bugs in your code.

Example

Fuzzing Deployed Smart Contract

ETH

NFTTrader on ETH mainnets has a bug in the contract allowing for a reentrancy attack. The contracts were drained for $3M for a are exploitable before block 18799488. Gecko can generate a full exploit to steal funds in less than 6 hours.

./gecko evm -t 0xc310e760778ecbca4c65b6c559874757a4c4ece0\
 -f -c ETH\
 --onchain-block-number 18799488

BSC

BEGO on BSC has a bug in the contract allowing arbitrary mint. Gecko can generate a full exploit to steal funds in less than 1 minute.

./gecko evm -t 0xc342774492b54ce5F8ac662113ED702Fc1b34972\
 -f -c BSC\
 --onchain-block-number 22315678

Video: https://www.youtube.com/watch?v=-uoY0OlRepw

Foundry Invariant Test

Run a Foundry invariant test defined in Invariant contract in `test/Invariant.sol'

gecko evm -m test/Invariant.sol:Invariant -- forge test

Docker

You can build and run Gecko using Docker. There are 2 binaries, for on and off-chain testing.

docker build -t gecko .

docker run -it --rm -p 8000:8000 gecko

Build From Source

Install rust https://rustup.rs/ (use nightly)

# Ubuntu:
sudo apt install libssl-dev libz3-dev pkg-config cmake build-essential clang
# macOS:
brew install openssl z3

cargo build --release

This builds and executable at target/release/gecko

Features

  • On-Chain forking to fuzz contracts on any chain at any block number.
  • Accurate exploit generation for precision loss, integer overflow, fund stealing, Uniswap pair misuse etc (more coming soon).
  • Reentrancy support to leverage potential reentrancy opportunities for exploring more code paths.
  • Fast power scheduling to prioritize fuzzing on code that is more likely to have bugs (LLM Support coming soon).
  • Symbolic execution to generate test cases that cover more code paths than fuzzing alone.
  • Flashloan support assuming attackers have infinite funds to exploit flashloan vulnerabilities.
  • Liquidation support to simulate buying and selling any token from liquidity pools during fuzzing.
  • Decompilation support for fuzzing contracts without source code.
  • Supports complex contracts initialization using Foundry setup script, forking Anvil RPC, or providing a JSON config file.
  • Backed by SOTA Web2 fuzzing engine LibAFL.

About

https://www.gecko.security/

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 54.3%
  • Rust 42.9%
  • Solidity 1.9%
  • Python 0.6%
  • Move 0.2%
  • Handlebars 0.1%