LLM-powered automated fuzzing tool for Python functions
Project description
LLM Fuzz
AI-powered security testing framework for Python functions. Uses LLMs to analyze code, discover vulnerabilities, and generate targeted test cases.
Installation
From PyPI
pip install llm-fuzz
From Source
git clone https://github.com/yourusername/llm-fuzz.git
cd llm-fuzz
pip install -e .
Prerequisites
LLM Fuzz uses smolagents which supports multiple LLM providers through LiteLLM. You need to set up an API key for your chosen provider.
Supported LLM Providers
- OpenAI (GPT-4, GPT-3.5, etc.)
- Anthropic (Claude)
- Google (Gemini)
- Many others via LiteLLM
Setting Up API Keys
Before using llm-fuzz, export your API key:
# For OpenAI
export OPENAI_API_KEY="your-key-here"
# For Anthropic (Claude)
export ANTHROPIC_API_KEY="your-key-here"
# For Google (Gemini)
export GEMINI_API_KEY="your-key-here"
Quick Start
from llm_fuzz import llm_fuzz, FuzzConfig
# Your function to test
def divide(x, y):
return x / y
# Wrapper for testing
def divide_wrapper(input_data):
x = input_data.get("x", 1)
y = input_data.get("y", 1)
return divide(x, y)
# Configure and run fuzzer
config = FuzzConfig(
model="gemini/gemini-2.5-flash", # or "gpt-4", "claude-3-opus", etc.
max_vulnerabilities=3,
tests_per_vulnerability=2,
)
report = llm_fuzz(
target_function=divide,
test_function=divide_wrapper,
config=config,
fuzz_params=["x", "y"]
)
print(f"Tests: {report.passed_count}/{report.total_count} passed")
report.save_to_file("fuzz_report.json")
Configuration
FuzzConfig(
model="gemini/gemini-2.5-flash", # LLM model to use
max_vulnerabilities=5, # Number of vulnerabilities to discover
tests_per_vulnerability=3, # Test cases per vulnerability
max_discovery_steps=15, # Max steps for discovery
temperature=0.1, # LLM temperature
verbose=False # Enable verbose logging
)
Examples
See the examples/ directory:
- simple_division.py - Basic fuzzing example
Run the example:
export GEMINI_API_KEY="your-key"
python examples/simple_division.py
Testing
Run the test suite:
pytest
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file llm_fuzz-0.1.0.tar.gz.
File metadata
- Download URL: llm_fuzz-0.1.0.tar.gz
- Upload date:
- Size: 14.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
85cd88d4ecc97b73b6445e9b3d4a028ff118ca8d9a999bfd5a7bfaff574ab898
|
|
| MD5 |
45604181c844fd31c138972c1f0a0303
|
|
| BLAKE2b-256 |
0898c1b78ae2020428cf2a811d04d74ac3e6b7c543d9b04ef5b6e1f3da048d33
|
File details
Details for the file llm_fuzz-0.1.0-py3-none-any.whl.
File metadata
- Download URL: llm_fuzz-0.1.0-py3-none-any.whl
- Upload date:
- Size: 13.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7ddc81e129cd0fbd8f07b69646ebb072ceae3d2d0f2f2490b13802b5046db8b3
|
|
| MD5 |
70869875e0c074775ebc5fccea1b8ffc
|
|
| BLAKE2b-256 |
cbb14a121106c58fcfeb9cf7aa2d5a077a94979cc47061996b43bea91e92337c
|
