aboutsummaryrefslogtreecommitdiff
path: root/development/afl/README
blob: 66692da46c4bbf04baad840404b0d41c89ff7bdf (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
afl (security-oriented fuzzer)

American fuzzy lop is a security-oriented fuzzer that employs a
novel type of compile-time instrumentation and genetic algorithms to
automatically discover clean, interesting test cases that trigger new
internal states in the targeted binary. This substantially improves the
functional coverage for the fuzzed code. The compact synthesized corpora
produced by the tool are also useful for seeding other, more labor-
or resource-intensive testing regimes down the road.

To use afl with binary-only code (no source available), a custom qemu
wrapper is used (afl-qemu-trace). This does NOT require a system-wide
installation of qemu, but it does require the source to qemu. To build
qemu support, download the qemu source from:

https://download.qemu-project.org/qemu-2.10.0.tar.xz

Save the file in the same directory as the afl.SlackBuild script.

If binary-only support is not needed, don't download the qemu source. This
will speed up the build quite a bit.