| field | value | date |
|---|---|---|
| author | van Hauser <vh@thc.org> | 2023-12-24 11:08:26 +0100 |
| committer | GitHub <noreply@github.com> | 2023-12-24 11:08:26 +0100 |
| commit | dcb5bc3fa5b48b316719cb6abab856697dc29bda (patch) | |
| tree | 71f058cf819e53307ef24c5092b38b72f5b321fe /docs | |
| parent | 108fb0b29ad1586e668ba23e23a0eb1a13c45c49 (diff) | |
| parent | daaefcddc063b356018c29027494a00bcfc3e240 (diff) | |
| download | afl++-dcb5bc3fa5b48b316719cb6abab856697dc29bda.tar.gz | |
Merge pull request #1941 from AFLplusplus/dev
push to stable
Diffstat (limited to 'docs')
| mode | file | changes |
|---|---|---|
| -rw-r--r-- | docs/Changelog.md | 11 |
| -rw-r--r-- | docs/fuzzing_binary-only_targets.md | 8 |
2 files changed, 11 insertions, 8 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md index 2dfcb482..c8f04217 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -3,6 +3,16 @@ This is the list of all noteworthy changes made in every public release of the tool. See README.md for the general instruction manual. +### Version ++4.10a (dev) + - afl-fuzz: + - default power schedule is now EXPLORE, due a fix in fast schedules + explore is slightly better now. + - fixed minor issues in the mutation engine, thanks to @futhewo for + reporting! + - instrumentation: + - LLVM 18 support, thanks to @devnexen! + + ### Version ++4.09c (release) - afl-fuzz: - fixed the new mutation implementation for two bugs @@ -34,7 +44,6 @@ - added benchmark/benchmark.py if you want to see how good your fuzzing speed is in comparison to other setups. - ### Version ++4.08c (release) - afl-fuzz: - new mutation engine: mutations that favor discovery more paths are diff --git a/docs/fuzzing_binary-only_targets.md b/docs/fuzzing_binary-only_targets.md index 9d9d6bb6..a151bce4 100644 --- a/docs/fuzzing_binary-only_targets.md +++ b/docs/fuzzing_binary-only_targets.md @@ -94,8 +94,7 @@ For more information, see In FRIDA mode, you can fuzz binary-only targets as easily as with QEMU mode. FRIDA mode is most of the times slightly faster than QEMU mode. It is also -newer, lacks COMPCOV, and has the advantage that it works on MacOS (both intel -and M1). +newer, and has the advantage that it works on MacOS (both intel and M1). To build FRIDA mode: 
@@ -113,10 +112,6 @@ The mode is approximately 2-5x slower than compile-time instrumentation, and is less conducive to parallelization. But for binary-only fuzzing, it gives a huge speed improvement if it is possible to use. -If you want to fuzz a binary-only library, then you can fuzz it with frida-gum -via frida_mode/. You will have to write a harness to call the target function in -the library, use afl-frida.c as a template. - You can also perform remote fuzzing with frida, e.g., if you want to fuzz on iPhone or Android devices, for this you can use [https://github.com/ttdennis/fpicker/](https://github.com/ttdennis/fpicker/) as @@ -302,7 +297,6 @@ some are very hard to set up... * S2E: [https://github.com/S2E](https://github.com/S2E) * TinyInst: [https://github.com/googleprojectzero/TinyInst](https://github.com/googleprojectzero/TinyInst) - (Mac/Windows only) * ... please send me any missing that are good ## Closing words |
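Review bot: in the new `### Version ++4.10a (dev)` entry of docs/Changelog.md, the line "default power schedule is now EXPLORE, due a fix in fast schedules explore is slightly better now." is missing a word and runs two clauses together; suggest "default power schedule is now EXPLORE, because a fix in the fast schedules makes explore slightly better now."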
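Review bot: the second Changelog.md hunk (`@@ -34,7 +44,6 @@`) removes the single blank line before `### Version ++4.08c (release)`, while the hunk above it inserts two blank lines before `### Version ++4.09c (release)`; after this patch the `### Version` headings in the same file are separated inconsistently. Suggest settling on one spacing (one blank line before each heading, or two) and applying it to both places.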
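Review bot: in docs/fuzzing_binary-only_targets.md (`@@ -94,8 +93,7 @@`), dropping "lacks COMPCOV" from the FRIDA mode sentence changes a documented capability, yet the Changelog hunk in this same PR records nothing about COMPCOV for FRIDA mode (only afl-fuzz and LLVM 18 entries). If FRIDA mode now supports COMPCOV, add a line for it under the 4.10a entry; if it does not, keep the caveat. Minor: the retained line still reads "MacOS (both intel and M1)"; the vendor spellings are "macOS" and "Intel".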
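Review bot: the `@@ -113,10 +112,6 @@` hunk deletes the only paragraph in this document that tells readers how to fuzz a binary-only library with FRIDA mode (a harness under frida_mode/, with afl-frida.c as the template). If afl-frida.c is no longer the right template, replace the paragraph with a pointer to the current frida_mode/ documentation rather than removing it outright, so the library use case stays discoverable from this page.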
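Review bot: the `@@ -302,7 +297,6 @@` hunk removes "(Mac/Windows only)" from the TinyInst entry without stating what replaces that restriction. If TinyInst now runs on Linux as well, say so explicitly (e.g. "(Linux/Mac/Windows)"); if the qualifier is simply stale, a short note in the commit message explaining why it was dropped would help the next person reading this list.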
