From 8764375357df2a37d97de4bdb509781cec661923 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Wed, 12 Jan 2022 10:36:22 +0100 Subject: test svg background --- docs/resources/0_fuzzing_process_overview.drawio.svg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/resources') diff --git a/docs/resources/0_fuzzing_process_overview.drawio.svg b/docs/resources/0_fuzzing_process_overview.drawio.svg index 0cccee6f..dff9f351 100644 --- a/docs/resources/0_fuzzing_process_overview.drawio.svg +++ b/docs/resources/0_fuzzing_process_overview.drawio.svg @@ -1,4 +1,4 @@ -
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Check coverageMonitor statusTriage crashesUse multiple coresUse multiple machinesRun afl-fuzzMake input corpus uniqueMinimize corpus fileCollect inputsSelect compilerSelect optionsSelect sanitizerCompile target source codeWrite and compile harnessModify target
Instrument target
Instrument target
Fuzz target
Fuzz target
Manage campaign
Manage campaign
Viewer does not support full SVG 1.1
\ No newline at end of file +
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Check coverageMonitor statusTriage crashesUse multiple coresUse multiple machinesRun afl-fuzzMake input corpus uniqueMinimize corpus fileCollect inputsSelect compilerSelect optionsSelect sanitizerCompile target source codeWrite and compile harnessModify target
Instrument target
Instrument target
Fuzz target
Fuzz target
Manage campaign
Manage campaign
Viewer does not support full SVG 1.1
\ No newline at end of file -- cgit 1.4.1 From b7ddde636be70caf84bf2ab910b021dbe0044098 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Wed, 12 Jan 2022 10:42:40 +0100 Subject: svg test --- docs/resources/0_fuzzing_process_overview.drawio.svg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/resources') diff --git a/docs/resources/0_fuzzing_process_overview.drawio.svg b/docs/resources/0_fuzzing_process_overview.drawio.svg index dff9f351..aca85185 100644 --- a/docs/resources/0_fuzzing_process_overview.drawio.svg +++ b/docs/resources/0_fuzzing_process_overview.drawio.svg @@ -1,4 +1,4 @@ -
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Check coverageMonitor statusTriage crashesUse multiple coresUse multiple machinesRun afl-fuzzMake input corpus uniqueMinimize corpus fileCollect inputsSelect compilerSelect optionsSelect sanitizerCompile target source codeWrite and compile harnessModify target
Instrument target
Instrument target
Fuzz target
Fuzz target
Manage campaign
Manage campaign
Viewer does not support full SVG 1.1
\ No newline at end of file +
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Check coverageMonitor statusTriage crashesUse multiple coresUse multiple machinesRun afl-fuzzMake input corpus uniqueMinimize corpus fileCollect inputsSelect compilerSelect optionsSelect sanitizerCompile target source codeWrite and compile harnessModify target
Instrument target
Instrument target
Fuzz target
Fuzz target
Manage campaign
Manage campaign
Viewer does not support full SVG 1.1
\ No newline at end of file -- cgit 1.4.1 From e663897a8a07e4631ca6d3eccac7e6717be9a4dd Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Wed, 12 Jan 2022 11:27:19 +0100 Subject: fix --- docs/resources/0_fuzzing_process_overview.drawio.svg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/resources') diff --git a/docs/resources/0_fuzzing_process_overview.drawio.svg b/docs/resources/0_fuzzing_process_overview.drawio.svg index aca85185..0cccee6f 100644 --- a/docs/resources/0_fuzzing_process_overview.drawio.svg +++ b/docs/resources/0_fuzzing_process_overview.drawio.svg @@ -1,4 +1,4 @@ -
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Check coverageMonitor statusTriage crashesUse multiple coresUse multiple machinesRun afl-fuzzMake input corpus uniqueMinimize corpus fileCollect inputsSelect compilerSelect optionsSelect sanitizerCompile target source codeWrite and compile harnessModify target
Instrument target
Instrument target
Fuzz target
Fuzz target
Manage campaign
Manage campaign
Viewer does not support full SVG 1.1
\ No newline at end of file +
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Check coverageMonitor statusTriage crashesUse multiple coresUse multiple machinesRun afl-fuzzMake input corpus uniqueMinimize corpus fileCollect inputsSelect compilerSelect optionsSelect sanitizerCompile target source codeWrite and compile harnessModify target
Instrument target
Instrument target
Fuzz target
Fuzz target
Manage campaign
Manage campaign
Viewer does not support full SVG 1.1
\ No newline at end of file -- cgit 1.4.1 From 5e478294627aa7ab58dc1545805e5141be44ac3c Mon Sep 17 00:00:00 2001 From: llzmb <46303940+llzmb@users.noreply.github.com> Date: Wed, 12 Jan 2022 20:27:09 +0100 Subject: Add white background to SVG files --- docs/resources/0_fuzzing_process_overview.drawio.svg | 2 +- docs/resources/1_instrument_target.drawio.svg | 2 +- docs/resources/2_prepare_campaign.drawio.svg | 2 +- docs/resources/3_fuzz_target.drawio.svg | 2 +- docs/resources/4_manage_campaign.drawio.svg | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) (limited to 'docs/resources') diff --git a/docs/resources/0_fuzzing_process_overview.drawio.svg b/docs/resources/0_fuzzing_process_overview.drawio.svg index 0cccee6f..d4ae9cab 100644 --- a/docs/resources/0_fuzzing_process_overview.drawio.svg +++ b/docs/resources/0_fuzzing_process_overview.drawio.svg @@ -1,4 +1,4 @@ -
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Check coverageMonitor statusTriage crashesUse multiple coresUse multiple machinesRun afl-fuzzMake input corpus uniqueMinimize corpus fileCollect inputsSelect compilerSelect optionsSelect sanitizerCompile target source codeWrite and compile harnessModify target
Instrument target
Instrument target
Fuzz target
Fuzz target
Manage campaign
Manage campaign
Viewer does not support full SVG 1.1
\ No newline at end of file +
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Check coverageMonitor statusTriage crashesUse multiple coresUse multiple machinesRun afl-fuzzMake input corpus uniqueMinimize corpus fileCollect inputsSelect compilerSelect optionsSelect sanitizerCompile target source codeWrite and compile harnessModify target
Instrument target
Instrument target
Fuzz target
Fuzz target
Manage campaign
Manage campaign
Viewer does not support full SVG 1.1
\ No newline at end of file diff --git a/docs/resources/1_instrument_target.drawio.svg b/docs/resources/1_instrument_target.drawio.svg index 9e2d8734..90c52760 100644 --- a/docs/resources/1_instrument_target.drawio.svg +++ b/docs/resources/1_instrument_target.drawio.svg @@ -1,4 +1,4 @@ -
Instrument target
Instrument target
Required task
Required task
Optional task
Optional task
Select compiler

LTO mode
(clang/clang++ 11+)

LLVM mode
(clang/clang++ 3.8+)

GCC_PLUGIN mode
(gcc 5+)

GCC/CLANG mode
(other)
Select compiler...
Select options

Select options depending on
the compiler:

COMPCOV
(only LTO)

CmpLog
(only LTO)

selective instrumentation
(LTO, LLVM, GCC_PLUGIN)
Select options...
Select sanitizer

Select one sanitizer
per instance:

ASAN
CFISAN
LSAN
MSAN
TSAN
UBSAN
Select sanitizer...
Compile target source code

Compile target source code depending on the build system:

configure
CMake
Meson Build System
other
Compile target source code...
Modify target

All AFL++ compilers
do this automatically.
Modify target...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Instrument target
Instrument target
Required task
Required task
Optional task
Optional task
Select compiler

LTO mode
(clang/clang++ 11+)

LLVM mode
(clang/clang++ 3.8+)

GCC_PLUGIN mode
(gcc 5+)

GCC/CLANG mode
(other)
Select compiler...
Select options

Select options depending on
the compiler:

COMPCOV
(only LTO)

CmpLog
(only LTO)

selective instrumentation
(LTO, LLVM, GCC_PLUGIN)
Select options...
Select sanitizer

Select one sanitizer
per instance:

ASAN
CFISAN
LSAN
MSAN
TSAN
UBSAN
Select sanitizer...
Compile target source code

Compile target source code depending on the build system:

configure
CMake
Meson Build System
other
Compile target source code...
Modify target

All AFL++ compilers
do this automatically.
Modify target...
Viewer does not support full SVG 1.1
\ No newline at end of file diff --git a/docs/resources/2_prepare_campaign.drawio.svg b/docs/resources/2_prepare_campaign.drawio.svg index 92cc61c0..aaf50758 100644 --- a/docs/resources/2_prepare_campaign.drawio.svg +++ b/docs/resources/2_prepare_campaign.drawio.svg @@ -1,4 +1,4 @@ -
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Make input corpus unique


Use afl-cmin on input corpus.
Make input corpus unique...
Minimize corpus file


Use afl-tmin on input files.
Minimize corpus file...
Collect inputs


Collect one or more input files.
Collect inputs...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Make input corpus unique


Use afl-cmin on input corpus.
Make input corpus unique...
Minimize corpus file


Use afl-tmin on input files.
Minimize corpus file...
Collect inputs


Collect one or more input files.
Collect inputs...
Viewer does not support full SVG 1.1
\ No newline at end of file diff --git a/docs/resources/3_fuzz_target.drawio.svg b/docs/resources/3_fuzz_target.drawio.svg index a4e5c940..9a30a57c 100644 --- a/docs/resources/3_fuzz_target.drawio.svg +++ b/docs/resources/3_fuzz_target.drawio.svg @@ -1,4 +1,4 @@ -
Fuzz target
Fuzz target
Required task
Required task
Optional task
Optional task
Use multiple cores

Fuzz one target with
multiple instances:

One main fuzzer:
-M main

Secondary fuzzers:
-S variant1

Use up to 32/64 cores
on each machine.

Cache test cases.
Use multiple cores...
Use multiple machines

Fuzz one target with
multiple machines:

One main fuzzer per server:
-M main

Secondary fuzzers:
-S variant1

Sync between the servers.
Use multiple machines...
Run afl-fuzz

Reconfigure the
system for optimal speed.

Specify the input corpus directory.

Add a dictionary.

Set a memory limit.
Run afl-fuzz...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Fuzz target
Fuzz target
Required task
Required task
Optional task
Optional task
Use multiple cores

Fuzz one target with
multiple instances:

One main fuzzer:
-M main

Secondary fuzzers:
-S variant1

Use up to 32/64 cores
on each machine.

Cache test cases.
Use multiple cores...
Use multiple machines

Fuzz one target with
multiple machines:

One main fuzzer per server:
-M main

Secondary fuzzers:
-S variant1

Sync between the servers.
Use multiple machines...
Run afl-fuzz

Reconfigure the
system for optimal speed.

Specify the input corpus directory.

Add a dictionary.

Set a memory limit.
Run afl-fuzz...
Viewer does not support full SVG 1.1
\ No newline at end of file diff --git a/docs/resources/4_manage_campaign.drawio.svg b/docs/resources/4_manage_campaign.drawio.svg index dae9fbf9..b8296257 100644 --- a/docs/resources/4_manage_campaign.drawio.svg +++ b/docs/resources/4_manage_campaign.drawio.svg @@ -1,4 +1,4 @@ -
Check coverage

Use afl-showmap to get
code coverage statistics.

Use afl-cov to generate an HTML report on coverage.
Check coverage...
Manage campaign
Manage campaign
Required task
Required task
Optional task
Optional task
Monitor status

Use afl-whatsup to show the status of the fuzzing campaign.

Use afl-plot to generate an HTML report with graphs.
Monitor status...
Triage crashes

Use afl-fuzz with -C flag to run crash exploration mode.

Use afl-tmin on test cases
for minimization.

Use afl-analyze to find
critical sections in test cases.
Triage crashes...
Start new campaign

Stop instances without
crashes.

Start new instances with
different options.

Select new test cases
based on insights.
Start new campaign...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Check coverage

Use afl-showmap to get
code coverage statistics.

Use afl-cov to generate an HTML report on coverage.
Check coverage...
Manage campaign
Manage campaign
Required task
Required task
Optional task
Optional task
Monitor status

Use afl-whatsup to show the status of the fuzzing campaign.

Use afl-plot to generate an HTML report with graphs.
Monitor status...
Triage crashes

Use afl-fuzz with -C flag to run crash exploration mode.

Use afl-tmin on test cases
for minimization.

Use afl-analyze to find
critical sections in test cases.
Triage crashes...
Start new campaign

Stop instances without
crashes.

Start new instances with
different options.

Select new test cases
based on insights.
Start new campaign...
Viewer does not support full SVG 1.1
\ No newline at end of file -- cgit 1.4.1 From e7ddd15fa50d58a02523dd079f33246cb2fa21c5 Mon Sep 17 00:00:00 2001 From: llzmb <46303940+llzmb@users.noreply.github.com> Date: Wed, 12 Jan 2022 20:46:37 +0100 Subject: Incorporate feedback --- docs/resources/1_instrument_target.drawio.svg | 2 +- docs/resources/3_fuzz_target.drawio.svg | 2 +- docs/resources/4_manage_campaign.drawio.svg | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'docs/resources') diff --git a/docs/resources/1_instrument_target.drawio.svg b/docs/resources/1_instrument_target.drawio.svg index 90c52760..5dcc8525 100644 --- a/docs/resources/1_instrument_target.drawio.svg +++ b/docs/resources/1_instrument_target.drawio.svg @@ -1,4 +1,4 @@ -
Instrument target
Instrument target
Required task
Required task
Optional task
Optional task
Select compiler

LTO mode
(clang/clang++ 11+)

LLVM mode
(clang/clang++ 3.8+)

GCC_PLUGIN mode
(gcc 5+)

GCC/CLANG mode
(other)
Select compiler...
Select options

Select options depending on
the compiler:

COMPCOV
(only LTO)

CmpLog
(only LTO)

selective instrumentation
(LTO, LLVM, GCC_PLUGIN)
Select options...
Select sanitizer

Select one sanitizer
per instance:

ASAN
CFISAN
LSAN
MSAN
TSAN
UBSAN
Select sanitizer...
Compile target source code

Compile target source code depending on the build system:

configure
CMake
Meson Build System
other
Compile target source code...
Modify target

All AFL++ compilers
do this automatically.
Modify target...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Instrument target
Instrument target
Required task
Required task
Optional task
Optional task
Select compiler

LTO mode
(clang/clang++ 11+)

LLVM mode
(clang/clang++ 3.8+)

GCC_PLUGIN mode
(gcc 5+)

GCC/CLANG mode
(other)
Select compiler...
Select options

Select options depending on
the compiler:

COMPCOV
(only LLVM & LTO)

CmpLog
(only LLVM & LTO)

selective instrumentation
(LTO, LLVM, GCC_PLUGIN)
Select options...
Select sanitizer

Max. one sanitizer type each
in a fuzzing campaign:

ASAN
CFISAN
LSAN
MSAN
TSAN
UBSAN
Select sanitizer...
Compile target source code

Compile target source code depending on the build system:

configure
CMake
Meson Build System
other
Compile target source code...
Modify target

Create a fuzzing harness
by hand for better efficiency.
Modify target...
Viewer does not support full SVG 1.1
\ No newline at end of file diff --git a/docs/resources/3_fuzz_target.drawio.svg b/docs/resources/3_fuzz_target.drawio.svg index 9a30a57c..8c97b8e2 100644 --- a/docs/resources/3_fuzz_target.drawio.svg +++ b/docs/resources/3_fuzz_target.drawio.svg @@ -1,4 +1,4 @@ -
Fuzz target
Fuzz target
Required task
Required task
Optional task
Optional task
Use multiple cores

Fuzz one target with
multiple instances:

One main fuzzer:
-M main

Secondary fuzzers:
-S variant1

Use up to 32/64 cores
on each machine.

Cache test cases.
Use multiple cores...
Use multiple machines

Fuzz one target with
multiple machines:

One main fuzzer per server:
-M main

Secondary fuzzers:
-S variant1

Sync between the servers.
Use multiple machines...
Run afl-fuzz

Reconfigure the
system for optimal speed.

Specify the input corpus directory.

Add a dictionary.

Set a memory limit.
Run afl-fuzz...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Fuzz target
Fuzz target
Required task
Required task
Optional task
Optional task
Use multiple cores

Fuzz one target with
multiple instances:

One main fuzzer:
-M main

Secondary fuzzers:
-S variant1
Use multiple cores...
Use multiple machines

Fuzz one target with
multiple machines:

One main fuzzer per server:
-M main-$HOSTNAME

Secondary fuzzers:
-S variant1

Sync between the servers.
Use multiple machines...
Run afl-fuzz

Reconfigure the
system for optimal speed.

Specify the input corpus directory.

Add a dictionary.

Set a memory limit.
Run afl-fuzz...
Viewer does not support full SVG 1.1
\ No newline at end of file diff --git a/docs/resources/4_manage_campaign.drawio.svg b/docs/resources/4_manage_campaign.drawio.svg index b8296257..969f47fd 100644 --- a/docs/resources/4_manage_campaign.drawio.svg +++ b/docs/resources/4_manage_campaign.drawio.svg @@ -1,4 +1,4 @@ -
Check coverage

Use afl-showmap to get
code coverage statistics.

Use afl-cov to generate an HTML report on coverage.
Check coverage...
Manage campaign
Manage campaign
Required task
Required task
Optional task
Optional task
Monitor status

Use afl-whatsup to show the status of the fuzzing campaign.

Use afl-plot to generate an HTML report with graphs.
Monitor status...
Triage crashes

Use afl-fuzz with -C flag to run crash exploration mode.

Use afl-tmin on test cases
for minimization.

Use afl-analyze to find
critical sections in test cases.
Triage crashes...
Start new campaign

Stop instances without
crashes.

Start new instances with
different options.

Select new test cases
based on insights.
Start new campaign...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Check coverage

Use afl-showmap to get
code coverage statistics.

Use afl-cov to generate an HTML report on coverage.
Check coverage...
Manage campaign
Manage campaign
Required task
Required task
Optional task
Optional task
Monitor status

Use afl-whatsup to show the status of the fuzzing campaign.

Use afl-plot to generate an HTML report with graphs.
Monitor status...
Triage crashes

Use afl-fuzz with -C flag to run crash exploration mode.

Use afl-tmin on test cases
for minimization.

Use gdb or third-party
exploitable tools to analyze crashes.
Triage crashes...
Optimize campaign

Stop instances that are not performing well.

Start new instances with
different options.

Select new test cases
based on insights.
Optimize campaign...
Viewer does not support full SVG 1.1
\ No newline at end of file -- cgit 1.4.1 From 1ca33174253ab430c9327927f6116458d6f1b793 Mon Sep 17 00:00:00 2001 From: llzmb <46303940+llzmb@users.noreply.github.com> Date: Fri, 14 Jan 2022 11:22:16 +0100 Subject: Add link to image --- docs/resources/4_manage_campaign.drawio.svg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/resources') diff --git a/docs/resources/4_manage_campaign.drawio.svg b/docs/resources/4_manage_campaign.drawio.svg index 969f47fd..6c531388 100644 --- a/docs/resources/4_manage_campaign.drawio.svg +++ b/docs/resources/4_manage_campaign.drawio.svg @@ -1,4 +1,4 @@ -
Check coverage

Use afl-showmap to get
code coverage statistics.

Use afl-cov to generate an HTML report on coverage.
Check coverage...
Manage campaign
Manage campaign
Required task
Required task
Optional task
Optional task
Monitor status

Use afl-whatsup to show the status of the fuzzing campaign.

Use afl-plot to generate an HTML report with graphs.
Monitor status...
Triage crashes

Use afl-fuzz with -C flag to run crash exploration mode.

Use afl-tmin on test cases
for minimization.

Use gdb or third-party
exploitable tools to analyze crashes.
Triage crashes...
Optimize campaign

Stop instances that are not performing well.

Start new instances with
different options.

Select new test cases
based on insights.
Optimize campaign...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Check coverage

Use afl-showmap to get
code coverage statistics.

Use afl-cov to generate an HTML report on coverage.
Check coverage...
Manage campaign
Manage campaign
Required task
Required task
Optional task
Optional task
Monitor status

Use afl-whatsup to show the status of the fuzzing campaign.

Use afl-plot to generate an HTML report with graphs.
Monitor status...
Triage crashes

Use afl-fuzz with -C flag to run crash exploration mode.

Use afl-tmin on test cases
for minimization.

Use gdb or third-party
exploitable tools to analyze crashes.
Triage crashes...
Optimize campaign

Stop instances that are not performing well.

Start new instances with
different options.

Select new test cases
based on insights.
Optimize campaign...
Viewer does not support full SVG 1.1
\ No newline at end of file -- cgit 1.4.1 From 8c58bdb5045ceea92fd11ca5f3f8946cd416695d Mon Sep 17 00:00:00 2001 From: llzmb <46303940+llzmb@users.noreply.github.com> Date: Fri, 14 Jan 2022 15:17:25 +0100 Subject: Add margin to images --- docs/resources/0_fuzzing_process_overview.drawio.svg | 2 +- docs/resources/1_instrument_target.drawio.svg | 2 +- docs/resources/2_prepare_campaign.drawio.svg | 2 +- docs/resources/3_fuzz_target.drawio.svg | 2 +- docs/resources/4_manage_campaign.drawio.svg | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) (limited to 'docs/resources') diff --git a/docs/resources/0_fuzzing_process_overview.drawio.svg b/docs/resources/0_fuzzing_process_overview.drawio.svg index d4ae9cab..fa596e21 100644 --- a/docs/resources/0_fuzzing_process_overview.drawio.svg +++ b/docs/resources/0_fuzzing_process_overview.drawio.svg @@ -1,4 +1,4 @@ -
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Check coverageMonitor statusTriage crashesUse multiple coresUse multiple machinesRun afl-fuzzMake input corpus uniqueMinimize corpus fileCollect inputsSelect compilerSelect optionsSelect sanitizerCompile target source codeWrite and compile harnessModify target
Instrument target
Instrument target
Fuzz target
Fuzz target
Manage campaign
Manage campaign
Viewer does not support full SVG 1.1
\ No newline at end of file +
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Check coverageMonitor statusTriage crashesUse multiple coresUse multiple machinesRun afl-fuzzMake input corpus uniqueMinimize corpus fileCollect inputsSelect compilerSelect optionsSelect sanitizerCompile target source codeWrite and compile harnessModify target
Instrument target
Instrument target
Fuzz target
Fuzz target
Manage campaign
Manage campaign
Viewer does not support full SVG 1.1
\ No newline at end of file diff --git a/docs/resources/1_instrument_target.drawio.svg b/docs/resources/1_instrument_target.drawio.svg index 5dcc8525..af6ac397 100644 --- a/docs/resources/1_instrument_target.drawio.svg +++ b/docs/resources/1_instrument_target.drawio.svg @@ -1,4 +1,4 @@ -
Instrument target
Instrument target
Required task
Required task
Optional task
Optional task
Select compiler

LTO mode
(clang/clang++ 11+)

LLVM mode
(clang/clang++ 3.8+)

GCC_PLUGIN mode
(gcc 5+)

GCC/CLANG mode
(other)
Select compiler...
Select options

Select options depending on
the compiler:

COMPCOV
(only LLVM & LTO)

CmpLog
(only LLVM & LTO)

selective instrumentation
(LTO, LLVM, GCC_PLUGIN)
Select options...
Select sanitizer

Max. one sanitizer type each
in a fuzzing campaign:

ASAN
CFISAN
LSAN
MSAN
TSAN
UBSAN
Select sanitizer...
Compile target source code

Compile target source code depending on the build system:

configure
CMake
Meson Build System
other
Compile target source code...
Modify target

Create a fuzzing harness
by hand for better efficiency.
Modify target...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Instrument target
Instrument target
Required task
Required task
Optional task
Optional task
Select compiler

LTO mode
(clang/clang++ 11+)

LLVM mode
(clang/clang++ 3.8+)

GCC_PLUGIN mode
(gcc 5+)

GCC/CLANG mode
(other)
Select compiler...
Select options

Select options depending on
the compiler:

COMPCOV
(only LLVM & LTO)

CmpLog
(only LLVM & LTO)

selective instrumentation
(LTO, LLVM, GCC_PLUGIN)
Select options...
Select sanitizer

Max. one sanitizer type each
in a fuzzing campaign:

ASAN
CFISAN
LSAN
MSAN
TSAN
UBSAN
Select sanitizer...
Compile target source code

Compile target source code depending on the build system:

configure
CMake
Meson Build System
other
Compile target source code...
Modify target

Create a fuzzing harness
by hand for better efficiency.
Modify target...
Viewer does not support full SVG 1.1
\ No newline at end of file diff --git a/docs/resources/2_prepare_campaign.drawio.svg b/docs/resources/2_prepare_campaign.drawio.svg index aaf50758..f4de62b9 100644 --- a/docs/resources/2_prepare_campaign.drawio.svg +++ b/docs/resources/2_prepare_campaign.drawio.svg @@ -1,4 +1,4 @@ -
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Make input corpus unique


Use afl-cmin on input corpus.
Make input corpus unique...
Minimize corpus file


Use afl-tmin on input files.
Minimize corpus file...
Collect inputs


Collect one or more input files.
Collect inputs...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Prepare campaign
Prepare campaign
Required task
Required task
Optional task
Optional task
Make input corpus unique


Use afl-cmin on input corpus.
Make input corpus unique...
Minimize corpus file


Use afl-tmin on input files.
Minimize corpus file...
Collect inputs


Collect one or more input files.
Collect inputs...
Viewer does not support full SVG 1.1
\ No newline at end of file diff --git a/docs/resources/3_fuzz_target.drawio.svg b/docs/resources/3_fuzz_target.drawio.svg index 8c97b8e2..de5982ed 100644 --- a/docs/resources/3_fuzz_target.drawio.svg +++ b/docs/resources/3_fuzz_target.drawio.svg @@ -1,4 +1,4 @@ -
Fuzz target
Fuzz target
Required task
Required task
Optional task
Optional task
Use multiple cores

Fuzz one target with
multiple instances:

One main fuzzer:
-M main

Secondary fuzzers:
-S variant1
Use multiple cores...
Use multiple machines

Fuzz one target with
multiple machines:

One main fuzzer per server:
-M main-$HOSTNAME

Secondary fuzzers:
-S variant1

Sync between the servers.
Use multiple machines...
Run afl-fuzz

Reconfigure the
system for optimal speed.

Specify the input corpus directory.

Add a dictionary.

Set a memory limit.
Run afl-fuzz...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Fuzz target
Fuzz target
Required task
Required task
Optional task
Optional task
Use multiple cores

Fuzz one target with
multiple instances:

One main fuzzer:
-M main

Secondary fuzzers:
-S variant1
Use multiple cores...
Use multiple machines

Fuzz one target with
multiple machines:

One main fuzzer per server:
-M main-$HOSTNAME

Secondary fuzzers:
-S variant1

Sync between the servers.
Use multiple machines...
Run afl-fuzz

Reconfigure the
system for optimal speed.

Specify the input corpus directory.

Add a dictionary.

Set a memory limit.
Run afl-fuzz...
Viewer does not support full SVG 1.1
\ No newline at end of file diff --git a/docs/resources/4_manage_campaign.drawio.svg b/docs/resources/4_manage_campaign.drawio.svg index 6c531388..041a2a23 100644 --- a/docs/resources/4_manage_campaign.drawio.svg +++ b/docs/resources/4_manage_campaign.drawio.svg @@ -1,4 +1,4 @@ -
Check coverage

Use afl-showmap to get
code coverage statistics.

Use afl-cov to generate an HTML report on coverage.
Check coverage...
Manage campaign
Manage campaign
Required task
Required task
Optional task
Optional task
Monitor status

Use afl-whatsup to show the status of the fuzzing campaign.

Use afl-plot to generate an HTML report with graphs.
Monitor status...
Triage crashes

Use afl-fuzz with -C flag to run crash exploration mode.

Use afl-tmin on test cases
for minimization.

Use gdb or third-party
exploitable tools to analyze crashes.
Triage crashes...
Optimize campaign

Stop instances that are not performing well.

Start new instances with
different options.

Select new test cases
based on insights.
Optimize campaign...
Viewer does not support full SVG 1.1
\ No newline at end of file +
Check coverage

Use afl-showmap to get
code coverage statistics.

Use afl-cov to generate an HTML report on coverage.
Check coverage...
Manage campaign
Manage campaign
Required task
Required task
Optional task
Optional task
Monitor status

Use afl-whatsup to show the status of the fuzzing campaign.

Use afl-plot to generate an HTML report with graphs.
Monitor status...
Triage crashes

Use afl-fuzz with -C flag to run crash exploration mode.

Use afl-tmin on test cases
for minimization.

Use gdb or third-party
exploitable tools to analyze crashes.
Triage crashes...
Optimize campaign

Stop instances that are not performing well.

Start new instances with
different options.

Select new test cases
based on insights.
Optimize campaign...
Viewer does not support full SVG 1.1
\ No newline at end of file -- cgit 1.4.1
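Review bot: The first three commits ("test svg background", "svg test", "fix") all touch docs/resources/0_fuzzing_process_overview.drawio.svg, and the third returns the blob to 0cccee6f, the same index the first commit started from. The net change is nothing, and the subjects do not say what was tested or fixed. Squash or drop these three before merging so the history starts at "Add white background to SVG files", which already diffs from 0cccee6f.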
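Review bot: In "Incorporate feedback", the 1_instrument_target.drawio.svg hunk rewords the sanitizer box to "Max. one sanitizer type each in a fuzzing campaign:", which is harder to parse than the old "Select one sanitizer per instance:". It is unclear whether "each" refers to instances or to sanitizer types, so please spell out the intended limit in a full sentence. In the same hunk the "Modify target" box now says "Create a fuzzing harness by hand for better efficiency.", while the overview diagram lists "Write and compile harness" and "Modify target" as separate tasks. Either retitle the box or keep the harness text under the harness task.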
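Review bot: In "Incorporate feedback", the 3_fuzz_target.drawio.svg hunk changes the multi-machine main instance to "-M main-$HOSTNAME" but leaves the secondary as "-S variant1" directly above "Sync between the servers." If the main name has to be unique per server for syncing, the diagram should show the same for secondaries, or say why they are exempt. The hunk also drops "Use up to 32/64 cores on each machine." and "Cache test cases." from the multiple-cores box with no replacement. Confirm that guidance is covered in the accompanying text, since the commit message does not mention the removal.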
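Review bot: In "Incorporate feedback", the 4_manage_campaign.drawio.svg hunk replaces "Use afl-analyze to find critical sections in test cases." with "Use gdb or third-party exploitable tools to analyze crashes.", and "third-party exploitable tools" reads as if the tools themselves are exploitable. Rephrase it, for example as third-party tools that rate crash exploitability, or name the tool the docs recommend. The afl-analyze step disappears from the triage box entirely, so state whether that is intentional. The rename of "Start new campaign" to "Optimize campaign" and the new "Stop instances that are not performing well." read fine.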