Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 35 |
1 files changed, 18 insertions, 17 deletions
diff --git a/README.md b/README.md index 76f510c8..14a42b7e 100644 --- a/README.md +++ b/README.md @@ -2,11 +2,11 @@ <img align="right" src="https://raw.githubusercontent.com/andreafioraldi/AFLplusplus-website/master/static/logo_256x256.png" alt="AFL++ Logo"> -  +  - Release Version: [2.65c](https://github.com/AFLplusplus/AFLplusplus/releases) + Release Version: [2.66c](https://github.com/AFLplusplus/AFLplusplus/releases) - Github Version: 2.65d + Github Version: 2.66d includes all necessary/interesting changes from Google's afl 2.56b @@ -40,7 +40,7 @@ * InsTrim, a very effective CFG llvm_mode instrumentation implementation for large targets: [https://github.com/csienslab/instrim](https://github.com/csienslab/instrim) - * C. Holler's afl-fuzz Python mutator module and llvm_mode whitelist support: [https://github.com/choller/afl](https://github.com/choller/afl) + * C. Holler's afl-fuzz Python mutator module and llvm_mode instrument file support: [https://github.com/choller/afl](https://github.com/choller/afl) * Custom mutator by a library (instead of Python) by kyakdan @@ -54,7 +54,7 @@ * Win32 PE binary-only fuzzing with QEMU and Wine - * Radamsa mutator (enable with `-R` to add or `-RR` to run it exclusively). + * Radamsa mutator (as a custom mutator). * QBDI mode to fuzz android native libraries via QBDI framework @@ -70,7 +70,7 @@ | Persistent mode | | x | x | x86[_64]/arm[64] | x | | LAF-Intel / CompCov | | x | | x86[_64]/arm[64] | x86[_64]/arm | | CmpLog | | x | | x86[_64]/arm[64] | | - | Whitelist | | x | x | (x)(3) | | + | Instrument file list | | x | x | (x)(3) | | | Non-colliding coverage | | x(4) | | (x)(5) | | | InsTrim | | x | | | | | Ngram prev_loc coverage | | x(6) | | | | 
@@ -167,8 +167,8 @@ is what you should choose. These build targets exist: * all: just the main afl++ binaries -* binary-only: everything for binary-only fuzzing: qemu_mode, unicorn_mode, libdislocator, libtokencap, radamsa -* source-only: everything for source code fuzzing: llvm_mode, libdislocator, libtokencap, radamsa +* binary-only: everything for binary-only fuzzing: qemu_mode, unicorn_mode, libdislocator, libtokencap +* source-only: everything for source code fuzzing: llvm_mode, libdislocator, libtokencap * distrib: everything (for both binary-only and source code fuzzing) * man: creates simple man pages from the help option of the programs * install: installs everything you have compiled with the build options above @@ -297,7 +297,7 @@ Using the LAF Intel performance enhancements are also recommended, see [llvm_mode/README.laf-intel.md](llvm_mode/README.laf-intel.md) Using partial instrumentation is also recommended, see -[llvm_mode/README.whitelist.md](llvm_mode/README.whitelist.md) +[llvm_mode/README.instrument_file.md](llvm_mode/README.instrument_file.md) When testing libraries, you need to find or write a simple program that reads data from stdin or from a file and passes it to the tested library. In such a @@ -371,14 +371,15 @@ therefore may increase the code coverage. The available schedules are: - - explore (default) - - fast - - coe - - quad - - lin - - exploit - - mmopt (experimental) - - rare (experimental) + - explore (default, original AFL) + - exploit (original AFL) + - fast (AFLfast) + - coe (AFLfast) + - quad (AFLfast) + - lin (AFLfast) + - rare (afl++ experimental) + - mmopt (afl++ experimental) + - seek (afl++ experimental) In parallel mode (-M/-S, several instances with the shared queue), we suggest to run the main node using the explore or fast schedule (-p explore) and the secondary |
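Review bot: in the first hunk (`@@ -2,11 +2,11 @@`) the removed and added line below the logo render identically (`-  ` / `+  `), so this view gives no indication of what actually changed there; if it is a badge or image whose URL was bumped for the new release, say so in the commit message, and if the two lines are byte-identical drop the no-op from the patch. The two version bumps themselves (2.65c to 2.66c for the release, 2.65d to 2.66d for the Github version) are consistent with each other.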
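Review bot: the `@@ -297,7 +297,7 @@` hunk changes the partial-instrumentation link from `llvm_mode/README.whitelist.md` to `llvm_mode/README.instrument_file.md`, but the diffstat is limited to README.md, so the rename of the target file is not visible here; confirm the renamed document lands in the same commit, otherwise the README points at a missing file. The terminology change is applied consistently elsewhere in the patch, in the feature list (`llvm_mode instrument file support`, hunk `@@ -40`) and in the comparison table (`Instrument file list`, hunk `@@ -70`).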
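Review bot: the `@@ -54,7 +54,7 @@` hunk replaces the `-R` / `-RR` usage note for the Radamsa mutator with only "(as a custom mutator)", and the `@@ -167,8 +167,8 @@` hunk drops `radamsa` from the `binary-only` and `source-only` build targets, but nothing in the new text says how the Radamsa mutator is now built or loaded. Since a user following the previous README would pass `-R` to afl-fuzz, add a one-line pointer to the custom mutator documentation in place of the removed flag description, and record the removal of `-R`/`-RR` in the changelog so the behaviour change is not silent.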
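Review bot: in the `@@ -371,14 +371,15 @@` hunk the only functional addition is the new `seek (afl++ experimental)` schedule; the other changes relabel existing entries with their origin (original AFL, AFLfast, afl++) and reorder them (`exploit` moves up next to `explore`, `rare` now precedes `mmopt`). Make sure `afl-fuzz -p seek` is accepted by the 2.66 binary and listed in the `-p` help text, otherwise the README documents an option the tool rejects. The unchanged sentence that follows still recommends `explore` or `fast` for the main node, which is fine, but the `-M`/`-S` parallel guidance might be worth re-checking against the experimental schedules now that there are three of them.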
