| | AFLplusplus | hyperfine |
|---|---|---|
| Mentions | 16 | 74 |
| Stars | 4,646 | 20,020 |
| Growth | 1.8% | - |
| Activity | 9.7 | 8.1 |
| Latest commit | 4 days ago | 6 days ago |
| Language | C | Rust |
| License | Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
AFLplusplus
- Decoding C/C++ Compilation Process: From Source Code to Binary
It could be cool to see some explanation of CFG representations or GIMPLE/LLVM here. GCC/Clang can print those out as text, or just compile to that code and not go lower if you ask them to. There are some interesting things you can do with bytecode, like Rellic, AFL++, or optview2. It seems a bit reductive imo to go straight from high-level code to disassembly without at all examining any layers in between. Especially if we use something like Polygeist or CIR.
- Why is my fuzzer running so slow?
Honestly, I wouldn't bother writing your own fuzzer, and just use one of the existing solutions, like afl++. Contrary to popular belief, good fuzzers do not just generate random bytes; the way they generate data depends on a genetic algorithm based on the code paths taken by the program. AFL++ can also fuzz regular binaries that weren't instrumented, but according to the documentation it is much less effective.
- Olive programming language
Be outside the loop? At least that's how they do it in their example https://github.com/AFLplusplus/AFLplusplus/blob/stable/instrumentation/README.persistent_mode.md
- How do you test compiler projects?
I use fuzzers, as every programmer should, and do not commit unless my compiler can be fuzzed for at least 24 hours without any crashes (if I were selling the software, I'd increase that period). I use AFL++ in LTO mode and comby-decomposer with a crappy script I made to collect crash test cases. I am also interested in afl-compiler-fuzzer, but have not yet tried it. Later, I'd like to try my hand at making a test generator that reaches codegen more often (no compile errors in the random source code). I use afl-tmin to minimize test cases, but the result is always illegible without manual work, and usually has extra junk the minimizer is incapable of deleting. Something like C-Reduce would be useful here.
- November 2022 monthly "What are you working on?" thread
1: https://github.com/ArkScript-lang/Ark
2: https://github.com/AFLplusplus/AFLplusplus
- AFLplusplus VS jazzer.js - a user suggested alternative (2 projects | 12 Sep 2022)
- New Mode for AFL++
- Frelatage: A fuzzing library to find vulnerabilities and bugs in Python applications
Frelatage is a coverage-based Python fuzzing library which can be used to fuzz Python code. The development of Frelatage was inspired by various other fuzzers, including AFL/AFL++, Atheris and PyFuzzer. The main purpose of the project is to take advantage of the best features of these fuzzers and gather them together into a new tool in order to efficiently fuzz Python applications.
- Fuzzing: Automated Bug Hunting in Software
I personally have not gone over any books over the topic so I cannot recommend books. However, there is a popular fuzzer known as AFL++ that specifies its technical workings and has a tutorial on its usage in the documentation. You can find it here. I found using the tool helped me gain a good understanding of the topic.
- 60x speed-up of Linux “perf”
With AFL++ you can even determine exactly where the fork happens:
https://github.com/AFLplusplus/AFLplusplus/blob/stable/instr...
hyperfine
- Measuring startup and shutdown overhead of several code interpreters
Check out the official hyperfine Github repo
- Bun - The One Tool for All Your JavaScript/Typescript Project's Needs?
And then I used hyperfine to run the benchmarks on my MacBook Pro 14 M2 Max, and here are the results:
- Faster tetranucleotide (k-mer) frequencies!
Search "benchmarking tools for linux" and decide that hyperfine is good for what I'm doing. Run Jennifer's new python script against my refactored perl and find that the python is 1.26 times faster for k=3 and 1.47 times faster for k=4. For the Covid-19 sequence, these are both on the order of hundreds of milliseconds.
- Hyperfine: A command-line benchmarking tool
- FLaNK Weekly 08 Jan 2024
- Show HN: Inshellisense – IDE style shell autocomplete
> It is very possible to write sub 100ms procedures in TS, […]
I will not disagree with this statement because I don’t have a way to test inshellisense right now. Could you (or anyone with a working Node + NPM installation) please install inshellisense and post the actual numbers? Perhaps using a tool like hyperfine (https://github.com/sharkdp/hyperfine).
- Firefox has surpassed Chrome on Speedometer
Yeah, while it's not as thorough as these tools, the method is at least reproducible and sane, and with ~10 or so samples, you get an interval with a nice confidence.
Another thorough method would be hyperfine[0], yet I wanted to provide a method which requires no installation and can be done on a whim, without jumps and hoops, with the tools already at hand.
[0]: https://github.com/sharkdp/hyperfine
- How to optimize your config? What are mistakes to avoid when optimizing your config?
That is native and inbuilt, but I would suggest the options below instead:
1. Using lazy's Profile tab instead: https://github.com/folke/lazy.nvim
2. Using a dedicated plugin to do this: https://github.com/dstein64/vim-startuptime
3. Using an external program; hyperfine is one that I use: https://github.com/sharkdp/hyperfine
- How to remove all <br> from all of my .html files
Fair enough, although might I recommend using hyperfine for your testing? ;p
What are some alternatives?
honggfuzz - Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
criterion.rs - Statistics-driven benchmarking library for Rust
LibAFL - Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...
fd - A simple, fast and user-friendly alternative to 'find'
oss-fuzz - OSS-Fuzz - continuous fuzzing for open source software.
ripgrep - ripgrep recursively searches directories for a regex pattern while respecting your gitignore
syzkaller - syzkaller is an unsupervised coverage-guided kernel fuzzer
awesome-mac - Now we have become very big, Different from the original idea. Collect premium software in various categories.
American Fuzzy Lop - american fuzzy lop - a security-oriented fuzzer
kubeconform - A FAST Kubernetes manifests validator, with support for Custom Resources!
sharpfuzz - AFL-based fuzz testing for .NET
quinn - Async-friendly QUIC implementation in Rust