author: van Hauser <vh@thc.org> 2023-06-29 18:00:46 +0300
committer: GitHub <noreply@github.com> 2023-06-29 18:00:46 +0300
commit: 641d02ab7211585e72e215405cd49c0712a8b4df (patch)
tree: 6bf544caf53f4ef7f7ca8ad02c2a412150758aa9 /docs
parent: af8c68a774d0271ae6a2145ac566e1c7024e95d5 (diff)
parent: 3e1d7941077b1457f702988063d6b9fdd9b80740 (diff)
download: afl++-641d02ab7211585e72e215405cd49c0712a8b4df.tar.gz
Merge pull request #1780 from AFLplusplus/dev
push to stable
Diffstat (limited to 'docs')
-rw-r--r-- docs/Changelog.md | 26
-rw-r--r-- docs/tutorials.md |  5
2 files changed, 31 insertions, 0 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md
index c52ddd56..ad58e99e 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -3,6 +3,32 @@
This is the list of all noteworthy changes made in every public
release of the tool. See README.md for the general instruction manual.
+### Version ++4.08a (dev)
+ - afl-fuzz:
+ - new mutation engine: mutations that favor discovery more paths are
+ prefered until no new finds for 10 minutes then switching to mutations
+ that favor triggering crashes. Modes and switch time can be configured
+ with `-P`. Also input mode for the target can be defined with `-a` to
+ be `text` or `binary` (defaults to `generic`)
+ - new custom mutator that has the new afl++ engine (so it can easily
+ incorporated into new custom mutators), and also comes with a standalone
+ command line tool! See custom_mutators/aflpp/standalone/
+ - display the state of the fuzzing run in the UI :-)
+ - fix timeout setting if '+' is used or a session is restarted
+ - afl-cmin/afl-cmin.bash:
+ - fixed a bug inherited from vanilla AFL where a coverage of
+ map[123] = 11 would be the same as map[1123] = 1
+ - warn on crashing inputs
+ - afl-cc:
+ - fixed an off-by-one instrumentation of iselect, hurting coverage a bit.
+ Thanks to @amykweon for spotting and fixing!
+ - @toka fixed a bug in laf-intel signed integer comparison splitting,
+ thanks a lot!!
+ - more LLVM compatability
+ - frida_mode:
+ - support for long form instrumentation on x86_x64 and arm64
+
+
### Version ++4.07c (release)
- afl-fuzz:
- reverse reading the seeds only on restarts (increases performance)
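Review bot: the new `### Version ++4.08a (dev)` entry in this hunk ships several wording errors into the rendered changelog and should be fixed before the stable push: `mutations that favor discovery more paths are` should read `mutations that favor discovering more paths are`, `prefered` should be `preferred`, the custom mutator bullet is missing `be` (`so it can easily be incorporated into new custom mutators`), and `more LLVM compatability` should be `compatibility`. Under frida_mode, `x86_x64` is presumably meant to be `x86_64`. The two trailing empty `+` lines also leave a double blank line before `### Version ++4.07c (release)`; one is sufficient.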
diff --git a/docs/tutorials.md b/docs/tutorials.md
index 342080fd..a5ee3322 100644
--- a/docs/tutorials.md
+++ b/docs/tutorials.md
@@ -8,6 +8,7 @@ Here are some good write-ups to show how to effectively use AFL++:
* [https://aflplus.plus/docs/tutorials/libxml2_tutorial/](https://aflplus.plus/docs/tutorials/libxml2_tutorial/)
* [https://bananamafia.dev/post/gb-fuzz/](https://bananamafia.dev/post/gb-fuzz/)
+* [https://bushido-sec.com/index.php/2023/06/19/the-art-of-fuzzing/](https://bushido-sec.com/index.php/2023/06/19/the-art-of-fuzzing/)
* [https://securitylab.github.com/research/fuzzing-challenges-solutions-1](https://securitylab.github.com/research/fuzzing-challenges-solutions-1)
* [https://securitylab.github.com/research/fuzzing-software-2](https://securitylab.github.com/research/fuzzing-software-2)
* [https://securitylab.github.com/research/fuzzing-sockets-FTP](https://securitylab.github.com/research/fuzzing-sockets-FTP)
@@ -20,6 +21,10 @@ training, then we can highly recommend the following:
* [https://github.com/antonio-morales/Fuzzing101](https://github.com/antonio-morales/Fuzzing101)
+Here is a good forkflow description (and tutorial) for qemu_mode:
+
+* [https://airbus-seclab.github.io/AFLplusplus-blogpost/](https://airbus-seclab.github.io/AFLplusplus-blogpost/)
+
Here is good workflow description for frida_mode:
* [https://blog.quarkslab.com/android-greybox-fuzzing-with-afl-frida-mode.html](https://blog.quarkslab.com/android-greybox-fuzzing-with-afl-frida-mode.html)
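Review bot: the added lead-in line `+Here is a good forkflow description (and tutorial) for qemu_mode:` misspells `workflow`; it should use the same word as the existing frida_mode line directly below it.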