diff options
| author | van Hauser <vh@thc.org> | 2022-04-08 23:12:33 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-04-08 23:12:33 +0200 |
| commit | c208dcf9c573e3d85990c7dea777646f7fa4961c (patch) | |
| tree | 863f7475bcadc4ee60eed6c0af50c897f6c5c276 /docs/fuzzing_in_depth.md | |
| parent | 9933a6f3ab6c5b02c9f108dded6eb93ed59d2941 (diff) | |
| parent | d8317182ef5e2afbff56de697be85b10a4abece1 (diff) | |
| download | afl++-c208dcf9c573e3d85990c7dea777646f7fa4961c.tar.gz | |
Merge pull request #1383 from AFLplusplus/keep_tout
Keep timeouts option
Diffstat (limited to 'docs/fuzzing_in_depth.md')
| -rw-r--r-- | docs/fuzzing_in_depth.md | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/docs/fuzzing_in_depth.md b/docs/fuzzing_in_depth.md index cff00f77..2bbfa1c1 100644 --- a/docs/fuzzing_in_depth.md +++ b/docs/fuzzing_in_depth.md @@ -911,16 +911,17 @@ normal fuzzing campaigns as these are much shorter runnings. * Keep the generated corpus, use afl-cmin and reuse it every time! 2. Additionally randomize the AFL++ compilation options, e.g.: - * 40% for `AFL_LLVM_CMPLOG` - * 10% for `AFL_LLVM_LAF_ALL` + * 30% for `AFL_LLVM_CMPLOG` + * 5% for `AFL_LLVM_LAF_ALL` 3. Also randomize the afl-fuzz runtime options, e.g.: * 65% for `AFL_DISABLE_TRIM` + * 50% for `AFL_KEEP_TIMEOUTS` * 50% use a dictionary generated by `AFL_LLVM_DICT2FILE` * 40% use MOpt (`-L 0`) * 40% for `AFL_EXPAND_HAVOC_NOW` * 20% for old queue processing (`-Z`) - * for CMPLOG targets, 60% for `-l 2`, 40% for `-l 3` + * for CMPLOG targets, 70% for `-l 2`, 10% for `-l 3`, 20% for `-l 2AT` 4. Do *not* run any `-M` modes, just running `-S` modes is better for CI fuzzing. `-M` enables old queue handling etc. which is good for a fuzzing |