diff options
| author | van Hauser <vh@thc.org> | 2020-12-11 11:38:22 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-11 11:38:22 +0100 |
| commit | 12d62d539353517abee8069df6e591f4fc474e93 (patch) | |
| tree | c7ec08c39d3153ab3de1602fbda0739dd32dd37e /utils/README.md | |
| parent | 3997d06cbd09e12cd0367170b3e2698ee71dd8cf (diff) | |
| parent | d5ded820e5b610f330cf23f53c21c169032a725a (diff) | |
| download | afl++-12d62d539353517abee8069df6e591f4fc474e93.tar.gz | |
Merge pull request #617 from AFLplusplus/dev
push to stable
Diffstat (limited to 'utils/README.md')
| -rw-r--r-- | utils/README.md | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/utils/README.md b/utils/README.md new file mode 100644 index 00000000..336b6b6c --- /dev/null +++ b/utils/README.md @@ -0,0 +1,54 @@ +# AFL++ Examples + +Here's a quick overview of the stuff you can find in this directory: + + - afl_network_proxy - fuzz a target over the network: afl-fuzz on + a host, target on an embedded system. + + - afl_proxy - skeleton file example to show how to fuzz + something where you gather coverage data via + different means, e.g. hw debugger + + - afl_untracer - fuzz binary-only libraries much faster but with + less coverage than qemu_mode + + - argv_fuzzing - a simple wrapper to allow cmdline to be fuzzed + (e.g., to test setuid programs). + + - asan_cgroups - a contributed script to simplify fuzzing ASAN + binaries with robust memory limits on Linux. + + - bash_shellshock - a simple hack used to find a bunch of + post-Shellshock bugs in bash. + + - canvas_harness - a test harness used to find browser bugs with a + corpus generated using simple image parsing + binaries & afl-fuzz. + + - clang_asm_normalize - a script that makes it easy to instrument + hand-written assembly, provided that you have clang. + + - crash_triage - a very rudimentary example of how to annotate crashes + with additional gdb metadata. + + - custom_mutators - examples for the afl++ custom mutator interface in + C and Python + + - distributed_fuzzing - a sample script for synchronizing fuzzer instances + across multiple machines (see parallel_fuzzing.md). + + - libpng_no_checksum - a sample patch for removing CRC checks in libpng. + + - persistent_mode - an example of how to use the LLVM persistent process + mode to speed up certain fuzzing jobs. + + - socket_fuzzing - a LD_PRELOAD library 'redirects' a socket to stdin + for fuzzing access with afl++ + +Note that the minimize_corpus.sh tool has graduated from the utils/ +directory and is now available as ../afl-cmin. The LLVM mode has likewise +graduated to ../instrumentation/*. + +Most of the tools in this directory are meant chiefly as examples that need to +be tweaked for your specific needs. They come with some basic documentation, +but are not necessarily production-grade. |