CASR (Crash Analysis and Severity Report) is an open-source toolkit that helps security engineers and fuzzing practitioners collect, triage, and score crash reports. Whether you’re post-processing AFL++ output or running a continuous fuzzing pipeline, CASR turns raw crashes into structured, deduplicated, and severity-ranked .casrep JSON reports.

What is CASR

CASR is two things at once:
  • A suite of CLI tools — each one targets a specific crash source (sanitizers, GDB, coredumps, language runtimes) and produces a unified .casrep JSON report.
  • libcasr — a Rust library that powers all the tools and can be embedded directly in your own analysis code. It provides APIs for parsing stack traces, collecting crash metadata, deduplicating, clustering, and estimating exploitability.
Reports are stored in JSON and contain severity ratings, OS and package metadata, command-line invocation, stack traces with source snippets, register values, and disassembly — everything needed to reproduce and understand a crash at a glance.

Key Capabilities

Severity Estimation

Classifies crashes as EXPLOITABLE, PROBABLY_EXPLOITABLE, NOT_EXPLOITABLE, or NOT_CRITICAL for x86, x86_64, ARM32, AArch64, rv32g, and rv64g — inspired by GDB’s exploitable plugin.

Multi-Language Support

Generates crash reports for C/C++, Rust, Go, Java, JavaScript, Python, Lua, and C# programs from a single unified interface.

Fuzzer Integration

First-class triage pipelines for AFL++, libFuzzer, LibAFL, Atheris, Jazzer, Jazzer.js, jsfuzz, Sharpfuzz, go-fuzz, and luzer.

Deduplication & Clustering

casr-cluster removes duplicate reports and groups related crashes by stack-trace similarity so you focus on unique root causes.

TUI Viewer

casr-cli renders .casrep files in a rich terminal UI, shows cluster statistics, and exports entire result sets to SARIF for CI/CD integration.

DefectDojo Integration

casr-dojo uploads new and unique crash reports directly to a DefectDojo instance, enabling seamless vulnerability management workflows.

Architecture Overview

CASR is organized around a family of single-purpose binaries that all emit the same .casrep format:
Tool            Purpose
casr-san        Analyze AddressSanitizer and MemorySanitizer output
casr-ubsan      Analyze UndefinedBehaviorSanitizer errors across multiple inputs
casr-gdb        Collect reports via GDB for uninstrumented binaries
casr-core       Create reports from Linux coredumps
casr-python     Analyze Python exceptions; integrates with Atheris
casr-java       Analyze Java exceptions; integrates with Jazzer
casr-js         Analyze JavaScript exceptions; integrates with Jazzer.js and jsfuzz
casr-csharp     Analyze C# exceptions; integrates with Sharpfuzz
casr-lua        Analyze Lua runtime errors
casr-cluster    Deduplicate (-d) and cluster (-c) report collections
casr-cli        Interactive TUI viewer and SARIF exporter
casr-afl        End-to-end triage pipeline for AFL++ and Sharpfuzz crashes
casr-libfuzzer  End-to-end triage pipeline for libFuzzer, LibAFL, and compatible fuzzers
casr-dojo       Upload unique reports to DefectDojo (requires dojo feature)

All tools are built on top of libcasr, which handles stack-trace parsing, severity classification, deduplication logic, and JSON serialization. You can use libcasr directly as a Rust crate if you want to embed crash analysis in your own tooling.

Supported Architectures

CASR’s severity estimation works on the following CPU architectures:
  • x86 (32-bit)
  • x86_64 (64-bit)
  • ARM32
  • AArch64
  • rv32g (RISC-V 32-bit)
  • rv64g (RISC-V 64-bit)

Supported Languages

libcasr can parse crashes originating from programs written in:
  • C / C++
  • C#
  • Go
  • Java
  • JavaScript
  • Lua
  • Python
  • Rust
Language-specific tools (casr-python, casr-java, casr-js, casr-csharp, casr-lua) wrap libcasr and understand the respective runtime’s stack trace format, exception model, and fuzzing harness conventions.

Running CASR in Docker

CASR disables address-space randomization for better deduplication accuracy and uses ptrace to attach GDB. When running inside a container, you must pass extra capabilities to Docker.
Start your container with --cap-add=SYS_PTRACE --security-opt seccomp=unconfined, otherwise casr-gdb and ASLR-disabling features will not work correctly.
docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -it my-casr-image
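
A preflight check for the two flags above, as an added example that is not part of the CASR documentation or code base: run inside the container, it reads /proc/self/status and confirms that CAP_SYS_PTRACE is in the capability bounding set and that seccomp is disabled. The function names and the sample status excerpt are constructed for illustration.

```shell
#!/bin/sh
# Added example (not CASR code): verify the container flags before casr-gdb.

CAP_SYS_PTRACE_BIT=19   # CAP_SYS_PTRACE in linux/capability.h

# Print one field ("CapBnd", "Seccomp", ...) of a /proc/<pid>/status file.
status_field() {   # $1 = field name, $2 = status file
    awk -v key="$1:" '$1 == key { print $2; exit }' "$2"
}

# Succeed if CAP_SYS_PTRACE is in the bounding set, which Docker fills from
# its default list plus --cap-add (visible even to a non-root user).
has_sys_ptrace() {   # $1 = status file
    hsp_mask=$(status_field CapBnd "$1")
    [ -n "$hsp_mask" ] || return 2
    [ $(( (0x$hsp_mask >> $CAP_SYS_PTRACE_BIT) & 1 )) -eq 1 ]
}

# Print the seccomp mode: 0 = disabled, 1 = strict, 2 = filter.
seccomp_mode() {   # $1 = status file
    status_field Seccomp "$1"
}

# Report both checks; return 0 only if the container matches the page's flags.
casr_preflight() {   # $1 = status file, default: this process
    pf_file=${1:-/proc/self/status}
    pf_rc=0
    if has_sys_ptrace "$pf_file"; then
        echo "ok:   CAP_SYS_PTRACE granted"
    else
        echo "FAIL: CAP_SYS_PTRACE missing, add --cap-add=SYS_PTRACE"
        pf_rc=1
    fi
    if [ "$(seccomp_mode "$pf_file")" = 0 ]; then
        echo "ok:   seccomp disabled"
    else
        echo "FAIL: seccomp active, add --security-opt seccomp=unconfined"
        pf_rc=1
    fi
    return "$pf_rc"
}

# Constructed sample: status excerpt of a container with Docker's defaults.
sample_default_status() {
    printf 'Name:\tsh\nCapBnd:\t00000000a80425fb\nSeccomp:\t2\n'
}

# Check the live process only when invoked as: sh preflight.sh --check
if [ "${1:-}" = "--check" ]; then casr_preflight; fi
```
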

Next Steps

Installation

Install CASR from crates.io, a prebuilt binary, or build from source.

Quickstart

Compile a test program, generate your first crash report, and run the triage pipeline end to end.
