Finding security flaws effectively and efficiently in Industrial Control Systems is of great importance as such systems are used in various important industries like nuclear power plants. r0fuzz aims to find security flaws in the hardware network protocols like MODBUS, DNP3 etc.

• 1. Working
• 2. Installation
  • 2.1. Dependencies
• 3. Usage
• 4. Features
• 5. TODO

Work flow of the tool -

Here are the installation instructions for r0fuzz

• Clone the repo

git clone https://github.com/ais2397/r0fuzz.git
cd r0fuzz

• Install the python dependencies using

pip3 install -r requirements.txt

usage: r0fuzz.py [-h] -s SEED -t TARGET [-d] [-v]

optional arguments:
  -h, --help            show this help message and exit
  -s SEED, --seed SEED  sample input file
  -t TARGET, --target TARGET
                        target protocol
  -d, --dumb            Dumb fuzz the target
  -v, --verbosity       Log level

To run r0fuzz.py:

python3 r0fuzz.py -s <relative_path_of_seed_packet> -t <target_protocol> -vv

• Basic Fuzzer using brute force approach
• Smart Fuzzer
  • Mutation based
  • Generation based
• Current support
  • MODBUS
  • DNP3

• Enhance the fuzzer.
• Incorporate other protocols.