vul337

vul337 / FirmAgent

Public

Official repository for the NDSS 2026 research paper titled "FirmAgent: Leveraging Fuzzing to Assist LLM Agents with IoT Firmware Vulnerability Discovery"

17
4
100% credibility
Found Mar 12, 2026 at 15 stars.
AI Analysis

Language: C

AI Summary

FirmAgent is a toolkit that automates vulnerability discovery in IoT firmware through fuzzing and AI-assisted analysis.

How It Works

1. 🔍 Discover FirmAgent: You hear about FirmAgent, a helpful tool for checking IoT device firmware for security weaknesses.
2. 📦 Prepare your firmware: Gather the firmware binary from a device that you own or have permission to test.
3. 🚀 Run quick analysis: Use one simple command to scan the firmware and find potential weak spots such as dangerous functions and entry points.
4. 🛡️ Set up a safe testing environment: Optionally create a virtual copy of your device so you can safely poke around without risking the real thing.
5. 🔄 Start fuzzing: Launch the fuzzer to send test inputs and watch for crashes or odd behaviors.
6. 🤖 AI checks for exploits: Let the smart assistant review the fuzzing results and craft working examples of any issues found.

Outcome, firmware secured: You now know your device's weaknesses and can fix them or report them responsibly.

AI-Generated Review

What is FirmAgent?

FirmAgent automates vulnerability discovery in re-hosted IoT firmware by combining fuzzing with LLM agents. Upload a binary, run pre-fuzzing to extract API endpoints, parameters, and sink distances, then fuzz emulated services via Greenhouse and QEMU while tracking control flow. LLMs analyze taint flows from fuzz hits to validate bugs and spit out PoCs for issues like buffer overflows or command injections. Built in Python with C binaries, it's the official GitHub repository for the NDSS 2026 paper on leveraging fuzzing to assist LLM agents with IoT firmware vulnerability discovery.

Why is it gaining traction?

It bridges fuzzing's runtime reach with LLMs' code reasoning, prioritizing paths close to sinks and generating mutation dicts from decompiled APIs—far smarter than blind fuzzers. The single-command pre-fuzzing workflow and integration with official GitHub Actions for emulation make scaling firmware tests feasible without deep RE expertise. Early adopters hook it to Firmament or Ubuntu official repositories for quick IoT hunts.

Who should use this?

IoT security researchers fuzzing httpd daemons or CGI bins from vendor firmware. Pentesters with Greenhouse setups targeting command injection in embedded devices. Firmware analysts needing PoCs from dynamic taint traces, not just static reports.

Verdict

Grab it for research if you have IDA Pro and Greenhouse—solid paper backing, but 15 stars and 1.0% credibility score signal prototype maturity with spotty docs. Polish the Fuzzer.py templates per target first.
