diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/Changelog.md | 2 | ||||
| -rw-r--r-- | docs/fuzzing_in_depth.md | 4 |
2 files changed, 4 insertions, 2 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md index 87c01f21..8d9a0aa8 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -14,6 +14,8 @@ - now also shows coverage reached - option -m shows only very relevant stats - option -n will not use color in the output + - frida_mode: + - fixes support for large map offsets - added benchmark/benchmark.sh if you want to see how good your fuzzing speed is in comparison to other setups. diff --git a/docs/fuzzing_in_depth.md b/docs/fuzzing_in_depth.md index f75ca5dc..5a5acbb2 100644 --- a/docs/fuzzing_in_depth.md +++ b/docs/fuzzing_in_depth.md @@ -616,7 +616,7 @@ For every secondary fuzzer there should be a variation, e.g.: be one of them! (Although this is not really recommended.) All other secondaries should be used like this: -* a quarter to a third with the MOpt mutator enabled: `-L 0` +* 10-20% with the MOpt mutator enabled: `-L 0` * run with a different power schedule, recommended are: `fast` (default), `explore`, `coe`, `lin`, `quad`, `exploit`, and `rare` which you can set with the `-p` option, e.g., `-p explore`. See the @@ -940,7 +940,7 @@ too long for your overall available fuzz run time. * 65% for `AFL_DISABLE_TRIM` * 50% for `AFL_KEEP_TIMEOUTS` * 50% use a dictionary generated by `AFL_LLVM_DICT2FILE` + `AFL_LLVM_DICT2FILE_NO_MAIN=1` - * 40% use MOpt (`-L 0`) + * 10% use MOpt (`-L 0`) * 40% for `AFL_EXPAND_HAVOC_NOW` * 20% for old queue processing (`-Z`) * for CMPLOG targets, 70% for `-l 2`, 10% for `-l 3`, 20% for `-l 2AT` |