Diffstat (limited to 'frida_mode')
-rw-r--r-- | frida_mode/README.md | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/frida_mode/README.md b/frida_mode/README.md index a75324d5..6c46fe08 100644 --- a/frida_mode/README.md +++ b/frida_mode/README.md @@ -145,6 +145,10 @@ instances run CMPLOG mode and instrumentation of the binary is less frequent (only on CMP, SUB and CALL instructions) performance is not quite so critical. ## Advanced configuration options +* `AFL_FRIDA_DRIVER_NO_HOOK` - See `AFL_QEMU_DRIVER_NO_HOOK`. When using the +QEMU driver to provide a `main` loop for a user provided +`LLVMFuzzerTestOneInput`, this option configures the driver to read input from +`stdin` rather than using in-memory test cases. * `AFL_FRIDA_INST_COVERAGE_FILE` - File to write DynamoRio format coverage information (e.g. to be loaded within IDA lighthouse). * `AFL_FRIDA_INST_DEBUG_FILE` - File to write raw assembly of original blocks @@ -194,6 +198,8 @@ is logged only once, requires `AFL_FRIDA_INST_NO_OPTIMIZE`. * `AFL_FRIDA_INST_UNSTABLE_COVERAGE_FILE` - File to write DynamoRio format coverage information for unstable edges (e.g. to be loaded within IDA lighthouse). +* `AFL_FRIDA_JS_SCRIPT` - Set the script to be loaded by the FRIDA scripting +engine. See [here](Scripting.md) for details. * `AFL_FRIDA_OUTPUT_STDOUT` - Redirect the standard output of the target application to the named file (supersedes the setting of `AFL_DEBUG_CHILD`) * `AFL_FRIDA_OUTPUT_STDERR` - Redirect the standard error of the target |
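Review bot: In the first hunk (@@ -145,6 +145,10 @@), the new `AFL_FRIDA_DRIVER_NO_HOOK` entry describes its behaviour in terms of "the QEMU driver", which reads as a copy from the QEMU mode documentation and leaves a FRIDA mode reader unsure whether the same driver is meant. Suggest wording the sentence for FRIDA mode (or saying explicitly that the driver is shared between the two modes), and turning "See `AFL_QEMU_DRIVER_NO_HOOK`" into a link to wherever that option is documented, since it is not described anywhere in this README excerpt. The entry also leaves out what value enables the option; a short "set to 1" style hint, if that is how it works, would match what users need when switching the harness from in-memory test cases to `stdin`.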
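Review bot: In the second hunk (@@ -194,6 +198,8 @@), the `AFL_FRIDA_JS_SCRIPT` entry does not say what happens when the variable is unset or how the script path is resolved (relative to the working directory, the target, or absolute only). Since the value names a script that the FRIDA scripting engine will load, the README should state the default behaviour and the path resolution rule here rather than leaving both to the linked page. The link text "here" is also uninformative; something like "See [Scripting.md](Scripting.md) for details" keeps the reference readable when the list is skimmed.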