-rw-r--r-- custom_mutators/autotokens/README | 12
-rw-r--r-- custom_mutators/autotokens/TODO | 13
2 files changed, 25 insertions, 0 deletions
diff --git a/custom_mutators/autotokens/README b/custom_mutators/autotokens/README new file mode 100644 index 00000000..6849279e --- /dev/null +++ b/custom_mutators/autotokens/README @@ -0,0 +1,12 @@ +# autotokens + +This implements an improved autotoken idea presented in +[Token-Level Fuzzing][https://www.usenix.org/system/files/sec21-salls.pdf]. +It is a grammar fuzzer without actually knowing the grammar. + +It is recommended to run with together in an instance with `CMPLOG`. + +If you have a dictionary (`-x`) this improves this custom grammar mutator. + +If **not** run with `CMPLOG`, it is possible to set `AFL_CUSTOM_MUTATOR_ONLY`, +to concentrate on grammar bug classes. diff --git a/custom_mutators/autotokens/TODO b/custom_mutators/autotokens/TODO new file mode 100644 index 00000000..700b3fa7 --- /dev/null +++ b/custom_mutators/autotokens/TODO @@ -0,0 +1,13 @@ +whitespace belassen oder notieren? MAYBE +0=space 1=tab 2=linefeed + +dictionary mitverwenden? JA aber nur ascii +-> neue liste? +wie mache ich das bei honggfuzz? +ansonsten neuer custom mutator entrypoint? + +nur is_ascii wenn cmplog aktiv, ansonsten eigene implementierung +die aber dann dafür sorgt dass eine leere struktur da ist. +is is_ascii in afl-common.o ? + +cmplog: only add tokens that were found to fit? |
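Review bot: In the README hunk the citation `[Token-Level Fuzzing][https://www.usenix.org/system/files/sec21-salls.pdf]` uses square brackets for the URL, which markdown treats as a reference-style link with no matching definition, so the paper never becomes a clickable link; change it to `[Token-Level Fuzzing](https://www.usenix.org/system/files/sec21-salls.pdf)`. The sentence `It is recommended to run with together in an instance with \`CMPLOG\`.` is garbled; suggest `It is recommended to run it together with CMPLOG in the same instance.`, and `If you have a dictionary (\`-x\`) this improves this custom grammar mutator.` reads better as `A dictionary (\`-x\`) improves this grammar mutator.` The README also says nothing about how to build the mutator or how to load it into afl-fuzz (the usual `AFL_CUSTOM_MUTATOR_LIBRARY` setting), so a user reading only this file cannot actually use it; a short build/usage section would close that gap.

Review bot: The TODO hunk is written in German although the README and the rest of the repository's documentation are English, so other contributors cannot pick up the open items; translate them (for example `whitespace belassen oder notieren?` is `keep whitespace or record it?`, `dictionary mitverwenden? JA aber nur ascii` is `use the dictionary as well? YES but only ascii`, and `nur is_ascii wenn cmplog aktiv, ansonsten eigene implementierung` is `only is_ascii when cmplog is active, otherwise an own implementation`). On substance, that last item together with `is is_ascii in afl-common.o ?` shows the non-`CMPLOG` code path still depends on an `is_ascii` helper whose location and existence are unresolved, while the README hunk already advises users to run without `CMPLOG` by setting `AFL_CUSTOM_MUTATOR_ONLY`; either settle that question before merging or mark the README's non-`CMPLOG` mode as work in progress. Likewise the `JA aber nur ascii` note contradicts the README's unconditional statement that a `-x` dictionary improves the mutator, so the README should state the ascii-only restriction.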