Merge pull request #1944 from AFLplusplus/inject

Inject fuzzing
author: van Hauser <vh@thc.org> 2023-12-30 10:51:47 +0100
committer: GitHub <noreply@github.com> 2023-12-30 10:51:47 +0100
commit: 2260a065f41d055d7e1515c620c18772ae7915d6 (patch)
tree: 19553169a33d1506c3a6bac675caa60adf24bff3 /docs/env_variables.md
parent: c39596c8bf44c9fe04180d9cf298fd2db36637ac (diff)
parent: 1eb54c4c3eb4ab4bc12f7f1f80f5ece15b238ef0 (diff)
download: afl++-2260a065f41d055d7e1515c620c18772ae7915d6.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/docs/env_variables.md b/docs/env_variables.md
index a7636511..a972b6da 100644
--- a/docs/env_variables.md
+++ b/docs/env_variables.md
@@ -196,6 +196,19 @@ in the specified file.
 For more information, see
 [instrumentation/README.instrument_list.md](../instrumentation/README.instrument_list.md).
 
+#### INJECTIONS
+
+This feature is able to find simple injection vulnerabilities in insecure
+calls to mysql/mariadb/nosql/postgresql/ldap and XSS in libxml2.
+
+  - Setting `AFL_LLVM_INJECTIONS_ALL` will enable all injection hooking
+
+  - Setting `AFL_LLVM_INJECTIONS_SQL` will enable SQL injection hooking
+
+  - Setting `AFL_LLVM_INJECTIONS_LDAP` will enable LDAP injection hooking
+
+  - Setting `AFL_LLVM_INJECTIONS_XSS` will enable XSS injection hooking
+
 #### LAF-INTEL
 
 This great feature will split compares into series of single byte comparisons to
author	van Hauser <vh@thc.org>	2023-12-30 10:51:47 +0100
committer	GitHub <noreply@github.com>	2023-12-30 10:51:47 +0100
commit	2260a065f41d055d7e1515c620c18772ae7915d6 (patch)
tree	19553169a33d1506c3a6bac675caa60adf24bff3 /docs/env_variables.md
parent	c39596c8bf44c9fe04180d9cf298fd2db36637ac (diff)
parent	1eb54c4c3eb4ab4bc12f7f1f80f5ece15b238ef0 (diff)
download	afl++-2260a065f41d055d7e1515c620c18772ae7915d6.tar.gz