AFL++: The Advanced Fuzzing Framework
AFL++ is a robust, community-driven fuzzing framework for security professionals and developers. It's based on the original American Fuzzy Lop (AFL) but includes numerous enhancements and features.
Key Features:
- Multiple Instrumentation Modes: Supports LLVM, AFL-as, GCC plugin for source code instrumentation, and QEMU, Unicorn, QBDI for binary code instrumentation.
- Advanced Mutators: Includes MOpt mutators and AFLfast power schedules for efficient test case generation.
- Corpus Minimization: Ships afl-tmin to shrink an individual test case to the smallest input that still reaches the same coverage (or still crashes), and afl-cmin to drop corpus entries that add no new edges, so a seed set or a pile of crashes becomes something a human can triage.
- Helper Libraries: Provides libtokencap (captures comparison tokens from strcmp/memcmp-style calls to build dictionaries), libdislocator (a drop-in heap allocator that turns heap over-reads and over-writes into immediate crashes), and libcompcov (comparison coverage for QEMU and Unicorn mode, so multi-byte compares can be solved byte by byte).
- Trophies: Has found vulnerabilities in VLC, SQLite, Vim, Pure-FTPd, FFmpeg, and more.
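The source-instrumentation modes above assume you give the fuzzer a target to drive. The harness below is an added example, not code from the AFL++ project or from this page; it follows AFL++'s documented persistent-mode pattern around a hypothetical TLV parser (the record format, parse_records(), and the seed bytes are constructed for illustration). Compiled with afl-clang-fast it receives test cases through AFL++'s shared-memory buffer; compiled with a stock gcc or clang, the fallback macros read one input from stdin so the same file can be stepped through by hand.

```c
/* harness.c: AFL++ persistent-mode harness around a small TLV parser.
 *
 * Build for fuzzing (AFL++ LLVM instrumentation):
 *   afl-clang-fast -O2 -o harness harness.c
 * Run (seed is a constructed example record):
 *   mkdir seeds && printf '\x01\x00\x03abc' > seeds/one
 *   afl-fuzz -i seeds -o findings -- ./harness
 *
 * Built with a plain gcc/clang the fallback macros below make the same
 * file read a single input from stdin, which is handy for debugging.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

/* Fallback so the harness also compiles without afl-clang-fast
 * (assumption for this example; mirrors the pattern in AFL++'s
 * persistent-mode documentation). */
#ifndef __AFL_FUZZ_TESTCASE_LEN
static ssize_t fuzz_len;
static unsigned char fuzz_buf[1024 * 1024];
#define __AFL_FUZZ_TESTCASE_LEN fuzz_len
#define __AFL_FUZZ_TESTCASE_BUF fuzz_buf
#define __AFL_FUZZ_INIT() void sync(void)
#define __AFL_LOOP(x) ((fuzz_len = read(0, fuzz_buf, sizeof(fuzz_buf))) > 0 ? 1 : 0)
#define __AFL_INIT() sync()
#endif

__AFL_FUZZ_INIT();

/* Hypothetical wire format (constructed for this example):
 *   record := type(1 byte) | length(2 bytes, big-endian) | payload(length bytes)
 * parse_records() walks every record and returns how many it saw, or -1 if
 * a header is truncated or a declared length runs past the buffer. Those two
 * bounds checks are exactly what a fuzzer exercises: delete either one and
 * afl-fuzz (with AFL_USE_ASAN=1 for a clean report) finds the over-read. */
int parse_records(const unsigned char *buf, size_t len, uint32_t *payload_sum)
{
    size_t off = 0;
    int count = 0;
    uint32_t sum = 0;

    while (off < len) {
        if (len - off < 3) return -1;                 /* truncated header */
        uint8_t type = buf[off];
        uint16_t rlen = (uint16_t)((buf[off + 1] << 8) | buf[off + 2]);
        off += 3;
        if (rlen > len - off) return -1;              /* payload past end of buffer */
        if (type == 0x01)                             /* only type 1 carries data we sum */
            for (size_t i = 0; i < rlen; i++) sum += buf[off + i];
        off += rlen;
        count++;
    }
    if (payload_sum) *payload_sum = sum;
    return count;
}

int main(void)
{
#ifdef __AFL_HAVE_MANUAL_CONTROL
    __AFL_INIT();                      /* fork server starts here, after slow setup */
#endif
    unsigned char *buf = __AFL_FUZZ_TESTCASE_BUF;     /* after __AFL_INIT, before __AFL_LOOP */

    while (__AFL_LOOP(10000)) {        /* 10000 iterations per process, then re-fork */
        size_t len = (size_t)__AFL_FUZZ_TESTCASE_LEN; /* read the length once per iteration */
        if (len < 3) continue;         /* not even one header: skip */
        uint32_t sum = 0;
        int n = parse_records(buf, len, &sum);
        (void)n; (void)sum;            /* parser keeps no global state, nothing to reset */
    }
    return 0;
}
```

Everything that the harness must reset between iterations lives in parse_records()'s locals, which is what makes persistent mode safe here; a target that keeps global state needs an explicit reset inside the loop or the fork server will hand the fuzzer misleading coverage.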
Use Cases:
- Vulnerability Discovery: Identify bugs and security flaws in software.
- Security Auditing: Evaluate the security posture of applications.
- Software Testing: Improve software reliability and robustness.
- Reverse Engineering: Aid in understanding software behavior by observing which mutated inputs reach new code paths and which ones crash, a cheap way to map a parser's accepted grammar and its failure modes.