-rw-r--r-- docs/fuzzing_in_depth.md 26
-rw-r--r-- docs/third_party_tools.md 2
2 files changed, 28 insertions, 0 deletions
diff --git a/docs/fuzzing_in_depth.md b/docs/fuzzing_in_depth.md
index a0bf1566..1645ba5c 100644
--- a/docs/fuzzing_in_depth.md
+++ b/docs/fuzzing_in_depth.md
@@ -900,6 +900,32 @@ then color-codes the input based on which sections appear to be critical and
 which are not; while not bulletproof, it can often offer quick insights into
 complex file formats.
 
+`casr-afl` from [CASR](https://github.com/ispras/casr) tools provides a
+straightforward CASR integration with AFL++. While walking through afl
+instances, `casr-afl` generates crash reports depending on target binary. For
+binary with ASAN `casr-san` is used, otherwise `casr-gdb`. On the next step
+report deduplication is done by `casr-cluster`. Finally, reports are triaged
+into clusters. Crash reports contain many useful information: severity
+(like [exploitable](https://github.com/jfoote/exploitable)), OS and package
+versions, command line, stack trace, register values, disassembly, and even
+source code fragment where crash appeared.
+
+**NOTE:** `casr-gdb` and `casr-san` should be in PATH to make `casr-afl` work.
+Before using casr-afl, please, follow the installation
+[guide](https://github.com/ispras/casr#getting-started). Using `casr-afl` is
+very simple:
+
+```shell
+casr-afl -i /path/to/afl/out/dir -o /path/to/casr/out/dir
+```
+
+Output directory contains subdirectories (cl1...clN) with report clusters. To
+view reports you could use `casr-cli` tool:
+
+```shell
+casr-cli /path/to/casr/out/dir/cl1/report.casrep
+```
+
 ## 5. CI fuzzing
 
 Some notes on continuous integration (CI) fuzzing - this fuzzing is different to
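Review bot: The NOTE paragraph names only `casr-gdb` and `casr-san` as PATH requirements, but the paragraph above it says deduplication is done by `casr-cluster`. If `casr-afl` runs that as a separate binary, list it in the NOTE too, or state that following the installation guide puts all CASR tools on PATH. The same added text reads "report deduplication is done by `casr-cluster`" and then "reports are triaged into clusters" as if they were one step; a sentence on how the two differ would help readers interpret the cl1...clN directories. Wording nits: "many useful information" should be "much useful information", "For binary with ASAN" reads better as "For a binary built with ASAN", "afl instances" should be "AFL++ instances" to match the preceding sentence, and the bare casr-afl in "Before using casr-afl" should be in backticks like the other mentions.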
diff --git a/docs/third_party_tools.md b/docs/third_party_tools.md
index 1175d9e5..97f2c362 100644
--- a/docs/third_party_tools.md
+++ b/docs/third_party_tools.md
@@ -62,3 +62,5 @@
   generates builds of debian packages suitable for AFL.
 * [afl-fid](https://github.com/FoRTE-Research/afl-fid) - a set of tools for
   working with input data.
+* [CASR](https://github.com/ispras/casr) - a set of tools for crash triage and
+  analysis.
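Review bot: The new CASR entry is appended directly after the Debian package build and `afl-fid` input-data entries, which are not crash-handling tools. If docs/third_party_tools.md has a list for crash processing or triage, the entry belongs there instead of at the end of this one. The description could also mention `casr-afl` so it ties back to the section added in docs/fuzzing_in_depth.md.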