path: root/docs/binaryonly_fuzzing.txt
author: van Hauser <vh@thc.org> 2019-07-21 23:58:40 +0200
committer: van Hauser <vh@thc.org> 2019-07-21 23:58:40 +0200
commit: 0a2d9af2a169d02186c0bb3c82dd6b230557a89d (patch)
tree: e5d8f7a7436e37eaeb76de00eb1cf1548dd8e31b /docs/binaryonly_fuzzing.txt
parent: 2b7a627181348f3c74d6965f34528810bf08ea55 (diff)
download: afl++-0a2d9af2a169d02186c0bb3c82dd6b230557a89d.tar.gz
doc update
Diffstat (limited to 'docs/binaryonly_fuzzing.txt')
-rw-r--r--docs/binaryonly_fuzzing.txt17
1 files changed, 16 insertions, 1 deletions
diff --git a/docs/binaryonly_fuzzing.txt b/docs/binaryonly_fuzzing.txt
index ae5269f0..0fb12b2b 100644
--- a/docs/binaryonly_fuzzing.txt
+++ b/docs/binaryonly_fuzzing.txt
@@ -12,7 +12,7 @@ The following is a description of how these can be fuzzed with afl++
 
 !!!!!
 TL;DR: try DYNINST with afl-dyninst. If it produces too many crashes then
-      use afl -Q qemu_mode.
+      use afl -Q qemu_mode, or better: use both in parallel
 !!!!!
 
 
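Review bot: the rewritten TL;DR line drops the trailing period and, read as one sentence, now makes the "use both in parallel" advice conditional on DYNINST producing too many crashes ("If it produces too many crashes then use afl -Q qemu_mode, or better: use both in parallel"). If running afl-dyninst and qemu_mode side by side is the general recommendation, give it its own sentence, e.g. "If it produces too many crashes then use afl -Q qemu_mode. Better still: run both in parallel." and add a pointer to how the two instances should share their sync directory (the -M/-S parallel-fuzzing options), since the TL;DR is where a reader will stop.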
@@ -111,6 +111,21 @@ Pintool solutions:
   https://github.com/spinpx/afl_pin_mode  <= only old Pintool version supported
 
 
+Non-AFL solutions
+-----------------
+
+There are many binary-only fuzzing frameworks. Some are great for CTFs but don't
+work with large binaries, other are very slow but have good path discovery,
+some are very hard to set-up ...
+
+QSYM: https://github.com/sslab-gatech/qsym
+Manticore: https://github.com/trailofbits/manticore
+S2E: https://github.com/S2E
+<please send me any missing that are good>
+
+
+
 That's it!
 News, corrections, updates?
 Email vh@thc.org
+
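Review bot: grammar and spacing in the new "Non-AFL solutions" section: "other are very slow" should read "others are very slow", "set-up" used as a verb should be "set up", and the trailing "..." leaves the sentence looking unfinished. The hunk also adds three blank lines before "That's it!" and a new blank line at end of file; trim these to the two-blank-line section spacing the rest of the file uses. The S2E entry points at the GitHub organisation (https://github.com/S2E) rather than a repository, so consider linking the project repository or site directly, and the angle-bracket placeholder "<please send me any missing that are good>" reads better as a plain sentence, e.g. "Please send me any good ones that are missing."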