AFLplusplus
weechat-matrix
AFLplusplus | weechat-matrix
---|---
16 | 11
4,620 | 950
3.0% | -
9.6 | 2.0
6 days ago | 9 months ago
C | Python
Apache License 2.0 | GNU General Public License v3.0 or later
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
AFLplusplus
-
Decoding C/C++ Compilation Process: From Source Code to Binary
It could be cool to see some explanation of CFG representations or GIMPLE/LLVM here. GCC/Clang can print those out as text, or just compile to that code and not go lower if you ask them to. There are some interesting things you can do with bytecode, like Rellic, AFL++, or optview2. It seems a bit reductive imo to go straight from high-level code to disassembly without at all examining any layers in between. Especially if we use something like Polygeist or CIR.
-
Why is my fuzzer running so slow?
Honestly, I wouldn't bother writing your own fuzzer, and just use one of the existing solutions, like afl++. Contrary to popular belief, good fuzzers do not just generate random bytes; the way they generate data depends on a genetic algorithm based on the code paths taken by the program. AFL++ can also fuzz regular binaries that weren't instrumented, but according to the documentation it is much less effective.
-
Olive programming language
Be outside the loop? At least that's how they do it in their example https://github.com/AFLplusplus/AFLplusplus/blob/stable/instrumentation/README.persistent_mode.md
-
How do you test compiler projects?
I use fuzzers, as every programmer should, and do not commit unless my compiler can be fuzzed for at least 24 hours without any crashes (if I were selling the software, I'd increase that period). I use AFL++ in LTO mode and comby-decomposer with a crappy script I made to collect crash test cases. I am also interested in afl-compiler-fuzzer, but have not yet tried it. Later, I'd like to try my hand at making a test generator that reaches codegen more often (no compile errors in the random source code). I use afl-tmin to minimize test cases, but the result is always illegible without manual work, and usually has extra junk the minimizer is incapable of deleting. Something like C-Reduce would be useful here.
-
November 2022 monthly "What are you working on?" thread
1: https://github.com/ArkScript-lang/Ark 2: https://github.com/AFLplusplus/AFLplusplus
-
AFLplusplus VS jazzer.js - a user suggested alternative
2 projects | 12 Sep 2022
- New Mode for AFL++
-
Frelatage: A fuzzing library to find vulnerabilities and bugs in Python applications
Frelatage is a coverage-based Python fuzzing library which can be used to fuzz Python code. The development of Frelatage was inspired by various other fuzzers, including AFL/AFL++, Atheris and PyFuzzer. The main purpose of the project is to take advantage of the best features of these fuzzers and gather them together into a new tool in order to efficiently fuzz Python applications.
-
Fuzzing: Automated Bug Hunting in Software
I personally have not gone over any books over the topic so I cannot recommend books. However, there is a popular fuzzer known as AFL++ that specifies its technical workings and has a tutorial on its usage in the documentation. You can find it here. I found using the tool helped me gain a good understanding of the topic.
-
60x speed-up of Linux “perf”
With AFL++ you can even determine exactly where the fork happens:
https://github.com/AFLplusplus/AFLplusplus/blob/stable/instr...
weechat-matrix
-
Incident at Slack
I haven't had much occasion to use it (I dipped into a gaming group that used Matrix but quickly fell out of it) but https://github.com/poljar/weechat-matrix seems mostly adequate if you are a weechat user and just need the text chat features. Feels just like IRC.
- Element raises $30M to boost Matrix
-
weechat for matrix.org on a Digitalocean droplet with tmux
I followed this description - weechat matrix github
-
Adventures in Fuzzing Matrix’s Encryption
For a nicely documented and clean Matrix client implementation in Python, see weechat-matrix[1] and the matrix-nio[2] library it's based on. There's also Mirage[3] which is also based on matrix-nio and is a GUI client.
[1]: https://github.com/poljar/weechat-matrix
[2]: https://github.com/poljar/matrix-nio
[3]: https://github.com/mirukana/mirage
- Freenode are now routinely hijacking channels that indicate they moved to Libera
- Move of official IRC channels to libera.chat
-
Thoughts on the state of the freenode IRC network - Edward Kmett
The weechat plugin unfortunately cannot coexist with wee-slack (https://github.com/wee-slack/wee-slack/issues/812, https://github.com/poljar/weechat-matrix/issues/248), so if one wants to participate in the Haskell Foundation Slack, or any other Slack (e.g. for work), then Matrix is off limits. Yeah, it's just a bug that will eventually get fixed, but it does make things unnecessarily complicated. :-/
-
Loading scripts
I have installed the weechat client with matrix (https://github.com/poljar/weechat-matrix) and it is running properly. However, I cannot figure out how to install scripts. Particularly, the upload and download files scripts mentioned in the github page, since they are not in the official list of scripts. How should I proceed?
- Update on beta testing payments in Signal
- SSO with username/password?
What are some alternatives?
honggfuzz - Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
gomuks - A terminal based Matrix client written in Go.
LibAFL - Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...
element-android - A glossy Matrix collaboration client for Android.
oss-fuzz - OSS-Fuzz - continuous fuzzing for open source software.
matrix-docker-ansible-deploy - 🐳 Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker
syzkaller - syzkaller is an unsupervised coverage-guided kernel fuzzer
nheko - Desktop client for Matrix using Qt and C++20.
American Fuzzy Lop - american fuzzy lop - a security-oriented fuzzer
syphon - ⚗️ a privacy centric matrix client
sharpfuzz - AFL-based fuzz testing for .NET
maubot - A plugin-based Matrix bot system.