fuzzing tool: afl

Hanno Böck has an article on LWN.net on the fuzzing tool afl, American Fuzzy Lop, created by Michał Zalewski of the Google security team:

AFL is a powerful fuzzer, and the above article is a good introduction. There are some more extensive tutorials on afl site, as well as the Fuzzing Project site. Hanno created the Fuzzing Project, which uses FOSS fuzzers to find and fix defects in core FOSS projects. Besides afl, there’s a Python attempt at a version, for those that prefer Python.

http://lcamtuf.coredump.cx/afl/
http://jwilk.net/software/python-afl
https://fuzzing-project.org/tutorials.html

(I wish there was more widespread usage of AFL in coreboot, tianocore, U-Boot, SeaBIOS, especially now that SMM is inside OVMF now…)

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s