American fuzzy lop is a security-oriented fuzzer
American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also useful for seeding other, more labor- or resource-intensive testing regimes down the road.
Compared to other instrumented fuzzers, afl-fuzz is designed to be practical: it has modest performance overhead, uses a variety of highly effective fuzzing strategies and effort minimization tricks, requires essentially no configuration, and seamlessly handles complex, real-world use cases - say, common image parsing or file compression libraries.
- Developed at devel:tools
- Sources inherited from project openSUSE:Factory
-
1
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:42:Factory-Candidates-Check/afl && cd $_
- Create Badge
Source Files
Filename | Size | Changed |
---|---|---|
2.66c.tar.gz | 0001500172 1.43 MB | |
afl-2.63c-fix-paths.patch | 0000000468 468 Bytes | |
afl-rpmlintrc | 0000000725 725 Bytes | |
afl.changes | 0000051567 50.4 KB | |
afl.spec | 0000002898 2.83 KB |
Revision 52 (latest revision is 82)
- updated to 2.66c - renamed blacklist/whitelist to ignorelist/instrumentlist -> AFL_LLVM_INSTRUMENT_FILE and AFL_GCC_INSTRUMENT_FILE - warn on deprecated environment variables - afl-fuzz: - -S secondary nodes now only sync from the main node to increase performance, the -M main node still syncs from everyone. Added checks that ensure exactly one main node is present and warn otherwise - Add -D after -S to force a secondary to perform deterministic fuzzing - If no main node is present at a sync one secondary node automatically becomes a temporary main node until a real main nodes shows up - Fixed a mayor performance issue we inherited from AFLfast - switched murmur2 hashing and random() for xxh3 and xoshiro256**, resulting in an up to 5.5% speed increase - Resizing the window does not crash afl-fuzz anymore - Ensure that the targets are killed on exit - fix/update to MOpt (thanks to arnow117) - added MOpt dictionary support from repo - added experimental SEEK power schedule. It is EXPLORE with ignoring the runtime and less focus on the length of the test case - llvm_mode: - the default instrumentation is now PCGUARD if the llvm version is >= 7, as it is faster and provides better coverage. The original afl instrumentation can be set via AFL_LLVM_INSTRUMENT=AFL. This is automatically done when the instrument_file list feature is used. - PCGUARD mode is now even better because we made it collision free - plus it has a fixed map size, so it is also faster! :) - some targets want a ld variant for LD that is not gcc/clang but ld, added afl-ld-lto to solve this - lowered minimum required llvm version to 3.4 (except LLVMInsTrim, which (forwarded request 818318 from msmeissn)
Comments 0