{"id":15039054,"url":"https://github.com/aflplusplus/aflplusplus","last_synced_at":"2025-05-12T15:24:41.248Z","repository":{"id":36999651,"uuid":"189044704","full_name":"AFLplusplus/AFLplusplus","owner":"AFLplusplus","description":"The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel \u0026 redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!","archived":false,"fork":false,"pushed_at":"2025-05-08T07:36:09.000Z","size":32966,"stargazers_count":5680,"open_issues_count":35,"forks_count":1105,"subscribers_count":87,"default_branch":"stable","last_synced_at":"2025-05-08T10:14:22.080Z","etag":null,"topics":["afl","afl-compiler","afl-fuzz","afl-fuzzer","afl-gcc","fuzz-testing","fuzzer","fuzzer-afl","fuzzing","instrumentation","qemu","security","testing","unicorn-emulator","unicorn-mode"],"latest_commit_sha":null,"homepage":"https://aflplus.plus","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AFLplusplus.png","metadata":{"files":{"readme":"README.md","changelog":"Changelog.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"AFLplusplus","patreon":null,"open_collective":"AFLplusplusEU","ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2019-05-28T14:29:06.000Z","updated_at":"2025-05-08T08:04:29.000Z","dependencies_parsed_at":"2023-01-17T12:47:40.226Z","dependency_job_id":"d820d89c-22e9-497b-ba6f-14dbbf859962","html_url":"https://github.com/AFLplusplus/AFLplu
splus","commit_stats":{"total_commits":5997,"total_committers":303,"mean_commits":"19.792079207920793","dds":0.5179256294814074,"last_synced_commit":"75d8c47a6b8ae94cd7ded2f0574e4d35a2021ab7"},"previous_names":["vanhauser-thc/aflplusplus"],"tags_count":36,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AFLplusplus%2FAFLplusplus","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AFLplusplus%2FAFLplusplus/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AFLplusplus%2FAFLplusplus/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AFLplusplus%2FAFLplusplus/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AFLplusplus","download_url":"https://codeload.github.com/AFLplusplus/AFLplusplus/tar.gz/refs/heads/stable","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253764293,"owners_count":21960552,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["afl","afl-compiler","afl-fuzz","afl-fuzzer","afl-gcc","fuzz-testing","fuzzer","fuzzer-afl","fuzzing","instrumentation","qemu","security","testing","unicorn-emulator","unicorn-mode"],"created_at":"2024-09-24T20:41:23.396Z","updated_at":"2025-05-12T15:24:41.234Z","avatar_url":"https://github.com/AFLplusplus.png","language":"C","readme":"# American Fuzzy Lop plus plus (AFL++)\n\n\u003cimg align=\"right\" src=\"https://raw.githubusercontent.com/AFLplusplus/Website/main/static/aflpp_bg.svg\" alt=\"AFL++ logo\" width=\"250\" 
height=\"250\"\u003e\n\nRelease version: [4.32c](https://github.com/AFLplusplus/AFLplusplus/releases)\n\nGitHub version: 4.32c\n\nRepository:\n[https://github.com/AFLplusplus/AFLplusplus](https://github.com/AFLplusplus/AFLplusplus)\n\nAFL++ is maintained by:\n\n* Marc \"van Hauser\" Heuse \u003cmh@mh-sec.de\u003e\n* Dominik Maier \u003cmail@dmnk.co\u003e\n* Andrea Fioraldi \u003candreafioraldi@gmail.com\u003e\n* Heiko \"hexcoder-\" Eissfeldt \u003cheiko.eissfeldt@hexco.de\u003e\n* frida_mode is maintained by @Worksbutnottested\n\nOriginally developed by Michal \"lcamtuf\" Zalewski.\n\nAFL++ is a superior fork to Google's AFL - more speed, more and better\nmutations, more and better instrumentation, custom module support, etc.\n\nYou are free to copy, modify, and distribute AFL++ with attribution under the\nterms of the Apache-2.0 License. See the [LICENSE](LICENSE) for details.\n\n## Getting started\n\nHere is some information to get you started:\n\n* For an overview of the AFL++ documentation and a very helpful graphical guide,\n  please visit [docs/README.md](docs/README.md).\n* To get you started with tutorials, go to\n  [docs/tutorials.md](docs/tutorials.md).\n* For releases, see the\n  [Releases tab](https://github.com/AFLplusplus/AFLplusplus/releases) and\n  [branches](#branches). The best branches to use are, however, `stable` or\n  `dev` - depending on your risk appetite. Also take a look at the list of\n  [important changes in AFL++](docs/important_changes.md) and the list of\n  [features](docs/features.md).\n* If you want to use AFL++ for your academic work, check the\n  [papers page](https://aflplus.plus/papers/) on the website.\n* To cite our work, look at the [Cite](#cite) section.\n* For comparisons, use the fuzzbench `aflplusplus` setup, or use\n  `afl-clang-fast` with `AFL_LLVM_CMPLOG=1`. 
You can find the `aflplusplus`\n  default configuration on Google's\n  [fuzzbench](https://github.com/google/fuzzbench/tree/master/fuzzers/aflplusplus).\n\n## Building and installing AFL++\n\nTo have AFL++ easily available with everything compiled, pull the image directly\nfrom the Docker Hub (available for both x86_64 and arm64):\n\n```shell\ndocker pull aflplusplus/aflplusplus\ndocker run -ti -v /location/of/your/target:/src aflplusplus/aflplusplus\n```\n\nThis image is automatically published when a push to the stable branch happens\n(see [branches](#branches)). If you use the command above, you will find your\ntarget source code in `/src` in the container.\n\nNote: you can also pull `aflplusplus/aflplusplus:dev` which is the most current\ndevelopment state of AFL++.\n\nTo build AFL++ yourself - *which we recommend* - continue at\n[docs/INSTALL.md](docs/INSTALL.md).\n\n## Quick start: Fuzzing with AFL++\n\n*NOTE: Before you start, please read about the\n[common sense risks of fuzzing](docs/fuzzing_in_depth.md#0-common-sense-risks).*\n\nThis is a quick start for fuzzing targets with the source code available. To\nread about the process in detail, see\n[docs/fuzzing_in_depth.md](docs/fuzzing_in_depth.md).\n\nTo learn about fuzzing other targets, see:\n* Binary-only targets:\n  [docs/fuzzing_binary-only_targets.md](docs/fuzzing_binary-only_targets.md)\n* Network services:\n  [docs/best_practices.md#fuzzing-a-network-service](docs/best_practices.md#fuzzing-a-network-service)\n* GUI programs:\n  [docs/best_practices.md#fuzzing-a-gui-program](docs/best_practices.md#fuzzing-a-gui-program)\n\nStep-by-step quick start:\n\n1. Compile the program or library to be fuzzed using `afl-cc`. A common way to\n   do this would be:\n\n   ```\n   CC=/path/to/afl-cc CXX=/path/to/afl-c++ ./configure --disable-shared\n   make clean all\n   ```\n\n2. Get a small but valid input file that makes sense to the program. 
When\n   fuzzing verbose syntax (SQL, HTTP, etc.), create a dictionary as described in\n   [dictionaries/README.md](dictionaries/README.md), too.\n\n3. If the program reads from stdin, run `afl-fuzz` like so:\n\n   ```\n   ./afl-fuzz -i seeds_dir -o output_dir -- \\\n   /path/to/tested/program [...program's cmdline...]\n   ```\n\n   To add a dictionary, add `-x /path/to/dictionary.txt` to afl-fuzz.\n\n   If the program takes input from a file, you can put `@@` in the program's\n   command line; AFL++ will put an auto-generated file name in there for you.\n\n4. Investigate anything shown in red in the fuzzer UI by promptly consulting\n   [docs/afl-fuzz_approach.md#understanding-the-status-screen](docs/afl-fuzz_approach.md#understanding-the-status-screen).\n\n5. You will find crashes and hangs in the subdirectories `crashes/` and\n   `hangs/` in the `-o output_dir` directory. You can replay the crashes by\n   feeding them to the target, e.g. if your target is using stdin:\n\n   ```\n   cat output_dir/crashes/id:000000,* | /path/to/tested/program [...program's cmdline...]\n   ```\n\n   You can generate cores or use gdb directly to follow up the crashes.\n\n6. We cannot stress this enough - if you want to fuzz effectively, read the\n   [docs/fuzzing_in_depth.md](docs/fuzzing_in_depth.md) document!\n\n## Contact\n\nQuestions? Concerns? Bug reports?\n\n* The contributors can be reached via (e.g., by creating an issue):\n  [https://github.com/AFLplusplus/AFLplusplus](https://github.com/AFLplusplus/AFLplusplus).\n* Take a look at our [FAQ](docs/FAQ.md). If you find an interesting or important\n  question missing, submit it via\n  [https://github.com/AFLplusplus/AFLplusplus/discussions](https://github.com/AFLplusplus/AFLplusplus/discussions).\n* Best: join the [Awesome Fuzzing](https://discord.gg/gCraWct) Discord server.\n* There is a (not really used) mailing list for the AFL/AFL++ project\n  ([browse archive](https://groups.google.com/group/afl-users)). 
To compare\n  notes with other users or to get notified about major new features, send an\n  email to \u003cafl-users+subscribe@googlegroups.com\u003e, but note that this is not\n  managed by us.\n\n## Branches\n\nThe following branches exist:\n\n* [release](https://github.com/AFLplusplus/AFLplusplus/tree/release): the latest\n  release\n* [stable/trunk](https://github.com/AFLplusplus/AFLplusplus/): stable state of\n  AFL++ - it is synced from dev from time to time when we are satisfied with its\n  stability\n* [dev](https://github.com/AFLplusplus/AFLplusplus/tree/dev): development state\n  of AFL++ - bleeding edge and you might catch a checkout which does not compile\n  or has a bug. **We only accept PRs (pull requests) for the 'dev' branch!**\n* (any other): experimental branches to work on specific features or testing new\n  functionality or changes.\n\n## Help wanted\n\nWe have several [ideas](docs/ideas.md) we would like to see in AFL++ to make it\neven better. However, we already work on so many things that we do not have the\ntime for all the big ideas.\n\nThis can be your way to support and contribute to AFL++ - extend it to do\nsomething cool.\n\nFor everyone who wants to contribute (and send pull requests), please read our\n[contributing guidelines](CONTRIBUTING.md) before you submit.\n\n## Special thanks\n\nMany of the improvements to the original AFL and AFL++ wouldn't be possible\nwithout feedback, bug reports, or patches from our contributors.\n\nThank you! (For people sending pull requests - please add yourself to this list\n:-)\n\n\u003cdetails\u003e\n\n  \u003csummary\u003eList of contributors\u003c/summary\u003e\n\n  ```\n    Jann Horn                             Hanno Boeck\n    Felix Groebert                        Jakub Wilk\n    Richard W. M. 
Jones                   Alexander Cherepanov\n    Tom Ritter                            Hovik Manucharyan\n    Sebastian Roschke                     Eberhard Mattes\n    Padraig Brady                         Ben Laurie\n    @dronesec                             Luca Barbato\n    Tobias Ospelt                         Thomas Jarosch\n    Martin Carpenter                      Mudge Zatko\n    Joe Zbiciak                           Ryan Govostes\n    Michael Rash                          William Robinet\n    Jonathan Gray                         Filipe Cabecinhas\n    Nico Weber                            Jodie Cunningham\n    Andrew Griffiths                      Parker Thompson\n    Jonathan Neuschaefer                  Tyler Nighswander\n    Ben Nagy                              Samir Aguiar\n    Aidan Thornton                        Aleksandar Nikolich\n    Sam Hakim                             Laszlo Szekeres\n    David A. Wheeler                      Turo Lamminen\n    Andreas Stieger                       Richard Godbee\n    Louis Dassy                           teor2345\n    Alex Moneger                          Dmitry Vyukov\n    Keegan McAllister                     Kostya Serebryany\n    Richo Healey                          Martijn Bogaard\n    rc0r                                  Jonathan Foote\n    Christian Holler                      Dominique Pelle\n    Jacek Wielemborek                     Leo Barnes\n    Jeremy Barnes                         Jeff Trull\n    Guillaume Endignoux                   ilovezfs\n    Daniel Godas-Lopez                    Franjo Ivancic\n    Austin Seipp                          Daniel Komaromy\n    Daniel Binderman                      Jonathan Metzman\n    Vegard Nossum                         Jan Kneschke\n    Kurt Roeckx                           Marcel Boehme\n    Van-Thuan Pham                        Abhik Roychoudhury\n    Joshua J. 
Drake                       Toby Hutton\n    Rene Freingruber                      Sergey Davidoff\n    Sami Liedes                           Craig Young\n    Andrzej Jackowski                     Daniel Hodson\n    Nathan Voss                           Dominik Maier\n    Andrea Biondo                         Vincent Le Garrec\n    Khaled Yakdan                         Kuang-che Wu\n    Josephine Calliotte                   Konrad Welc\n    Thomas Rooijakkers                    David Carlier\n    Ruben ten Hove                        Joey Jiao\n    fuzzah                                @intrigus-lgtm\n    Yaakov Saxon                          Sergej Schumilo\n    Ziqiao Kong                           Ryan Berger\n    Sangjun Park\n  ```\n\n\u003c/details\u003e\n\n## Cite\n\nIf you use AFL++ in scientific work, consider citing\n[our paper](https://www.usenix.org/conference/woot20/presentation/fioraldi)\npresented at WOOT'20:\n\n    Andrea Fioraldi, Dominik Maier, Heiko Eißfeldt, and Marc Heuse. “AFL++: Combining incremental steps of fuzzing research”. In 14th USENIX Workshop on Offensive Technologies (WOOT 20). USENIX Association, Aug. 
2020.\n\n\u003cdetails\u003e\n\n\u003csummary\u003eBibTeX\u003c/summary\u003e\n\n  ```bibtex\n  @inproceedings {AFLplusplus-Woot20,\n  author = {Andrea Fioraldi and Dominik Maier and Heiko Ei{\\ss}feldt and Marc Heuse},\n  title = {{AFL++}: Combining Incremental Steps of Fuzzing Research},\n  booktitle = {14th {USENIX} Workshop on Offensive Technologies ({WOOT} 20)},\n  year = {2020},\n  publisher = {{USENIX} Association},\n  month = aug,\n  }\n  ```\n\n\u003c/details\u003e\n","funding_links":["https://github.com/sponsors/AFLplusplus","https://opencollective.com/AFLplusplusEU"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faflplusplus%2Faflplusplus","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faflplusplus%2Faflplusplus","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faflplusplus%2Faflplusplus/lists"}