AI-assisted fuzzing • local-only by default • CI-safe

PeachFuzz for defense.
CactusFuzz for authorized labs.
PeachTree for datasets.

A cohesive, safety-first fuzzing ecosystem for parsers, APIs, and agent guardrails—plus a traceable dataset engine to train and evaluate future cybersecurity copilots.

$ pip install -e ".[dev,fuzz]"
$ python -m peachfuzz_ai.cli run --target json --runs 250

# PeachTrace coverage-style backend (no native deps)
$ peachfuzz run --target graphql --backend peachtrace --runs 500

# Crash minimization + pytest reproducers
$ peachfuzz minimize --target graphql reports/crashes/example.bin
$ peachfuzz reproduce --target graphql reports/minimized/example.bin --output tests/regression

The stack

Three components that reinforce each other: fuzz locally, triage deterministically, and generate provenance-rich datasets for training and evaluation.

🍑 Defensive

PeachFuzz

Agentic fuzzing harness for parser + API safety testing. Works in CI, prioritizes reproducibility, and avoids offensive network activity.

  • Deterministic backend + PeachTrace
  • Schema-aware mutators (JSON/OpenAPI/GraphQL/webhooks)
  • Crash minimization + pytest reproducers

🌵 Authorized

CactusFuzz

Scope-gated, simulation-first adversarial edition for owned/lab systems and AI-agent safety testing—proposal-only by default.

  • Guardrail packs: injection, approval bypass, exfil simulation
  • Strict scope + local-lab targeting
  • No unauthorized scanning or exploit delivery by default

🌳 Datasets

PeachTree

Recursive learning-tree dataset engine. Converts repos, docs, tests, fuzz reports, and plans into safe, deduplicated JSONL with provenance.

  • Safety + license gates
  • Manifests + lineage maps
  • Review-first owned GitHub inventory

Typical workflow

Start in defensive mode, generate reviewable artifacts, then feed the learnings into PeachTree for structured datasets.

1) Fuzz locally

Run deterministic fuzzing in CI, or PeachTrace locally for coverage-style exploration without native dependencies.

peachfuzz run --target json --backend deterministic --runs 1000
peachfuzz run --target openapi --backend peachtrace --runs 500

2) Triage + minimize

Turn crashes into minimized payloads and stable regression tests. Keep everything local and auditable.

peachfuzz minimize --target graphql reports/crashes/crash.bin
peachfuzz reproduce --target graphql reports/minimized/crash.bin --output tests/regression

3) Propose refinements

Use proposal-only self-refinement plans to suggest fixes and tests—humans review before merging.

python -m peachfuzz_ai.cli refine --report-dir reports --output MYTHOS_GLASSWING_PLAN.md

4) Build datasets

Ingest fuzz reports + repos into PeachTree JSONL with provenance and policy gates for training/eval.

peachtree ingest-local --repo ~/peachfuzz --repo-name peachfuzz --output data/raw/peachfuzz.jsonl
peachtree build --source data/raw/peachfuzz.jsonl --dataset data/datasets/peachfuzz-instruct.jsonl
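
To make step 2 (triage + minimize) concrete, here is an added sketch, not PeachFuzz's own code or output format, of deterministic crash minimization followed by a generated pytest regression test. The parse_config target, its bug, the "#pf1" header, and SAMPLE_CRASH are all constructed for illustration; clean rejections (ValueError) are assumed not to count as crashes.

```python
def parse_config(data: bytes) -> dict:  # constructed toy target (hypothetical)
    lines = data.split(b"\n")
    if lines[0] != b"#pf1":
        raise ValueError("bad header")        # clean rejection, not a crash
    out = {}
    for line in lines[1:]:
        if line:
            parts = line.split(b"=", 1)
            out[parts[0]] = parts[1]          # bug: IndexError when "=" is missing
    return out

def crash_signature(target, data: bytes):
    """Exception type name for a crash; None if accepted or cleanly rejected."""
    try:
        target(data)
    except ValueError:
        return None
    except Exception as exc:
        return type(exc).__name__
    return None

def minimize(target, data: bytes) -> bytes:
    """Drop spans (halving the span size) while the crash signature is unchanged."""
    want = crash_signature(target, data)
    if want is None:
        raise ValueError("input does not crash the target")
    chunk = max(len(data) // 2, 1)
    while True:
        i, shrunk = 0, False
        while i < len(data):
            candidate = data[:i] + data[i + chunk:]
            if crash_signature(target, candidate) == want:
                data, shrunk = candidate, True    # keep it, retry the same offset
            else:
                i += chunk
        if chunk == 1 and not shrunk:
            return data                           # no single byte can be removed
        chunk = max(chunk // 2, 1)

def reproducer_source(test_name: str, data: bytes) -> str:
    """pytest test that fails while the bug exists and passes once it is fixed."""
    return (f"def test_{test_name}():\n"
            f"    try:\n        parse_config({data!r})\n"
            f"    except ValueError:\n        pass  # clean rejection is acceptable\n")

SAMPLE_CRASH = b"#pf1\nhost=lab\nport\nmode=ci\n"    # constructed crashing input
if __name__ == "__main__":
    small = minimize(parse_config, SAMPLE_CRASH)
    print(len(SAMPLE_CRASH), "->", len(small), "bytes\n" + reproducer_source("missing_equals", small))
```

The minimizer keeps the header because removing it turns the crash into a clean rejection, which is why comparing crash signatures matters more than checking for "any exception".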

Safety posture

Designed to be useful in production pipelines without becoming an offensive automation engine.

Local-only targets

Fuzzing is constrained to registered local parsers/harnesses. No third-party contact is required.

Scope gates

CactusFuzz is opt-in, scope-gated, and simulation-first. Defaults are intentionally conservative.

Review-first artifacts

Plans, diffs, reproducers, and dataset manifests are meant to be reviewed by humans before merge/train.

Get started

Clone, install, run a few targets, then wire PeachTree to generate datasets and lineage maps.

git clone https://github.com/0ai-Cyberviser/peachfuzz
cd peachfuzz
python -m venv .venv && source .venv/bin/activate
python -m pip install -e ".[dev,fuzz]"
pytest -q

# fuzz
python -m peachfuzz_ai.cli run --target json --runs 250

# datasets
git clone https://github.com/0ai-Cyberviser/PeachTree
# (see PeachTree README for peachtree ingest-local/build/audit)