AFLplusplus
mirage
Our great sponsors
AFLplusplus | mirage | |
---|---|---|
16 | 2 | |
4,620 | 416 | |
2.8% | - | |
9.6 | 0.0 | |
about 15 hours ago | 6 months ago | |
C | QML | |
Apache License 2.0 | GNU Lesser General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
AFLplusplus
-
Decoding C/C++ Compilation Process: From Source Code to Binary
It could be cool to see some explanation of CFG representations or GIMPLE/LLVM here. GCC/Clang can print those out as text, or just compile to that code and not go lower if you ask them to. There are some interesting things you can do with bytecode, like Rellic, AFL++, or optview2. It seems a bit reductive imo to go straight from high-level code to disassembly without at all examining any layers in between. Especially if we use something like Polygeist or CIR.
-
Why is my fuzzer running so slow?
Honestly, I wouldn't bother writing your own fuzzer, and just use one of the existing solutions, like afl++. Contrary to popular belief, good fuzzers do not just generate random bytes; the way they generate data depends on a genetic algorithm based on the code paths taken by the program. AFL++ can also fuzz regular binaries that weren't instrumented, but according to the documentation it is much less effective.
-
Olive programming language
Be outside the loop? At least that's how they do it in their example https://github.com/AFLplusplus/AFLplusplus/blob/stable/instrumentation/README.persistent_mode.md
-
How do you test compiler projects?
I use fuzzers, as every programmer should, and do not commit unless my compiler can be fuzzed for at least 24 hours without any crashes (if I were selling the software, I'd increase that period). I use AFL++ in LTO mode and comby-decomposer with a crappy script I made to collect crash test cases. I am also interested in afl-compiler-fuzzer, but have not yet tried it. Later, I'd like to try my hand at making a test generator that reaches codegen more often (no compile errors in the random source code). I use afl-tmin to minimize test cases, but the result is always illegible without manual work, and usually has extra junk the minimizer is incapable of deleting. Something like C-Reduce would be useful here.
-
November 2022 monthly "What are you working on?" thread
1: https://github.com/ArkScript-lang/Ark 2: https://github.com/AFLplusplus/AFLplusplus
-
AFLplusplus VS jazzer.js - a user suggested alternative
2 projects | 12 Sep 2022
- New Mode for AFL++
-
Frelatage: A fuzzing library to find vulnerabilities and bugs in Python applications
Frelatage is a coverage-based Python fuzzing library which can be used to fuzz python code. The development of Frelatage was inspired by various other fuzzers, including AFL/AFL++, Atheris and PyFuzzer.The main purpose of the project is to take advantage of the best features of these fuzzers and gather them together into a new tool in order to efficiently fuzz python applications.
-
Fuzzing: Automated Bug Hunting in Software
I personally have not gone over any books over the topic so I cannot recommend books. However, there is a popular fuzzer known as AFL++ that specifies its technical workings and has a tutorial on its usage in the documentation. You can find it here. I found using the tool helped me gain a good understanding of the topic.
-
60x speed-up of Linux “perf”
With AFL++ you can even determine exactly where the fork happens:
https://github.com/AFLplusplus/AFLplusplus/blob/stable/instr...
mirage
-
Adventures in Fuzzing Matrix’s Encryption
For a nicely documented and clean Matrix client implementation in Python, see weechat-matrix[1] and the matrix-nio[2] library it's based on. There's also Mirage[3] which is also based on matrix-nio and is a GUI client.
[1]: https://github.com/poljar/weechat-matrix
-
some PP questions
Incidentally WhatsApp is the one thing I haven't been able to get rid of completely, because I haven't been able to convince my friends to switch to anything else and I don't want to cut virtually everyone I know out of my life. With a lot of effort, I managed to move WhatsApp to an Android VM running on a VPS, and bridge it with Matrix. I use Mirage to access WhatsApp on the PinePhone, and Element on x86 boxes.
What are some alternatives?
honggfuzz - Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
matrix-nio - A Python Matrix client library, designed according to sans I/O (http://sans-io.readthedocs.io/) principles
LibAFL - Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...
matrixcli - Command line matrix client
oss-fuzz - OSS-Fuzz - continuous fuzzing for open source software.
matrix-commander - simple but convenient CLI-based Matrix client app for sending and receiving
syzkaller - syzkaller is an unsupervised coverage-guided kernel fuzzer
nunnix-manga - Manga reader for PC
American Fuzzy Lop - american fuzzy lop - a security-oriented fuzzer
QmlFlightInstruments - QmlFlightInstruments is a QML project that implements several flight instruments.
sharpfuzz - AFL-based fuzz testing for .NET
Retiled - An attempt at creating a "desktop" environment mainly for Linux phones and tablets that's similar in function to some parts of Microsoft's Windows Phone 8.x, primarily the Start screen, Search app, navigation bar, Action Center, and the status bar. Development is mainly being done using the PinePhone, so that'll be the main supported device.