American fuzzy lop is a security-oriented fuzzer
American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also useful for seeding other, more labor- or resource-intensive testing regimes down the road.
Compared to other instrumented fuzzers, afl-fuzz is designed to be practical: it has modest performance overhead, uses a variety of highly effective fuzzing strategies and effort minimization tricks, requires essentially no configuration, and seamlessly handles complex, real-world use cases - say, common image parsing or file compression libraries.
- Developed at devel:tools
- Sources inherited from project openSUSE:Factory
-
1
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:42:Factory-Candidates-Check/afl && cd $_
- Create Badge
Source Files
Filename | Size | Changed |
---|---|---|
2.58c.tar.gz | 0000986561 963 KB | |
afl-1.58b-fix-paths.patch | 0000000568 568 Bytes | |
afl-rpmlintrc | 0000000725 725 Bytes | |
afl.changes | 0000028963 28.3 KB | |
afl.spec | 0000002801 2.74 KB |
Revision 43 (latest revision is 82)
- updated to 2.58c - reverted patch to not unlink and recreate the input file, it resulted in performance loss of ~10% - added test/test-performance.sh script - (re)added gcc_plugin, fast inline instrumentation is not yet finished, however it includes the whitelisting and persistance feature! by hexcoder- - gcc_plugin tests added to testing framework - jump to 2.57 instead of 2.55 to catch up with Google's versioning - persistent mode for QEMU (see qemu_mode/README.md) - custom mutator library is now an additional mutator, to exclusivly use it - add AFL_CUSTOM_MUTATOR_ONLY (that will trigger the previous behaviour) - new library qemu_mode/unsigaction which filters sigaction events - afl-fuzz: new command line option -I to execute a command on a new crash - no more unlinking the input file, this way the input file can also be a - FIFO or disk partition - setting LLVM_CONFIG for llvm_mode will now again switch to the selected - llvm version. If your setup is correct. - fuzzing strategy yields for custom mutator were missing from the UI, added them :) - added "make tests" which will perform checks to see that all functionality - is working as expected. this is currently the starting point, its not complete :) - added mutation documentation feature ("make document"), creates afl-fuzz-document - and saves all mutations of the first run on the first file into out/queue/mutations - libtokencap and libdislocator now compile to the afl_root directory and are - installed to the .../lib/afl directory when present during make install - more BSD support, e.g. free CPU binding code for FreeBSD (thanks to devnexen) - reducing duplicate code in afl-fuzz - added "make help" - removed compile warnings from python internal stuff - added man page for afl-clang-fast[++] - updated documentation - Wine mode to run Win32 binaries with the QEMU instrumentation (-W) - CompareCoverage for ARM target in QEMU/Unicorn
Comments 0