{"id":13538922,"url":"https://github.com/angorafuzzer/angora","last_synced_at":"2025-04-02T05:32:15.570Z","repository":{"id":30721574,"uuid":"125809286","full_name":"AngoraFuzzer/Angora","owner":"AngoraFuzzer","description":"Angora is a mutation-based fuzzer.  The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution. ","archived":false,"fork":false,"pushed_at":"2022-07-18T13:42:14.000Z","size":13595,"stargazers_count":934,"open_issues_count":40,"forks_count":169,"subscribers_count":41,"default_branch":"master","last_synced_at":"2025-01-18T03:31:01.516Z","etag":null,"topics":["afl","data-flow-analysis","fuzzer","fuzzing","security","symbolic-execution","taint-analysis"],"latest_commit_sha":null,"homepage":null,"language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AngoraFuzzer.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-03-19T06:07:32.000Z","updated_at":"2024-12-30T06:52:39.000Z","dependencies_parsed_at":"2022-08-27T19:11:51.297Z","dependency_job_id":null,"html_url":"https://github.com/AngoraFuzzer/Angora","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AngoraFuzzer%2FAngora","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AngoraFuzzer%2FAngora/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AngoraFuzzer%2FAngora/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AngoraFuzzer%2FAngora/manifests","owner_url":"https://repos.ecosyste.m
s/api/v1/hosts/GitHub/owners/AngoraFuzzer","download_url":"https://codeload.github.com/AngoraFuzzer/Angora/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246763809,"owners_count":20829795,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["afl","data-flow-analysis","fuzzer","fuzzing","security","symbolic-execution","taint-analysis"],"created_at":"2024-08-01T09:01:17.720Z","updated_at":"2025-04-02T05:32:10.556Z","avatar_url":"https://github.com/AngoraFuzzer.png","language":"C++","funding_links":[],"categories":["\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing"],"sub_categories":["功能"],"readme":"# Angora\n\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n[![Build Status](https://api.cirrus-ci.com/github/AngoraFuzzer/Angora.svg)](https://cirrus-ci.com/github/AngoraFuzzer/Angora)\n\nAngora is a mutation-based coverage guided fuzzer. The main goal of Angora is \nto increase branch coverage by solving path constraints without symbolic \nexecution. 
\n\n\n## Published Work\n\nArxiv: [Angora: Efficient Fuzzing by Principled Search](https://arxiv.org/abs/1803.01307), S\u0026P 2018.\n\n## Building Angora\n\n### Build Requirements\n\n- Linux-amd64 (Tested on Ubuntu 16.04/18.04 and Debian Buster)\n- Rust stable (\u003e= 1.31), can be obtained using [rustup](https://rustup.rs)\n- [LLVM 4.0.0 - 12.0.1](http://llvm.org/docs/index.html) : run `PREFIX=/path-to-install ./build/install_llvm.sh`.\n\n### Environment Variables\n\nAppend the following entries to the shell configuration file (`~/.bashrc`, `~/.zshrc`).\n\n```\nexport PATH=/path-to-clang/bin:$PATH\nexport LD_LIBRARY_PATH=/path-to-clang/lib:$LD_LIBRARY_PATH\n```\n\n### Fuzzer Compilation\n\nThe build script will resolve most dependencies and set up the \nruntime environment.\n\n```shell\n./build/build.sh\n```\n\n### System Configuration\n\nAs with AFL, system core dumps must be disabled.\n\n```shell\necho core | sudo tee /proc/sys/kernel/core_pattern\n```\n\n## Test\nTest if Angora is built successfully.\n```\ncd /path-to-angora/tests\n./test.sh mini\n```\n\n## Running Angora\n\n### Build Target Program\n\nAngora compiles the program into two separate binaries, each with its respective\ninstrumentation. 
Using `autoconf` programs as an example, here are the steps required.\n\n```\n# Use the instrumenting compilers\nCC=/path/to/angora/bin/angora-clang \\\nCXX=/path/to/angora/bin/angora-clang++ \\\nLD=/path/to/angora/bin/angora-clang \\\nPREFIX=/path/to/target/directory \\\n./configure --disable-shared\n\n# Build with taint tracking support \nUSE_TRACK=1 make -j\nmake install\n\n# Save the compiled target binary into a new directory\n# and rename it with .taint postfix, such as uniq.taint\n\n# Build with light instrumentation support\nmake clean\nUSE_FAST=1 make -j\nmake install\n\n# Save the compiled binary into the directory previously\n# created and rename it with .fast postfix, such as uniq.fast\n\n```\n\nIf you fail to build by this approach, try `wllvm` and `gllvm` described in [Build a target program](./docs/build_target.md#wllvm-or-gllvm).\n\nAlso, we have implemented taint analysis with libdft64 instead of DFSan ([Use libdft64 for taint tracking](./docs/pin_mode.md)). \n\n### Fuzzing\n\n```\n./angora_fuzzer -i input -o output -t path/to/taint/program -- path/to/fast/program [argv]\n```\n\n-----------\n\nFor more information, please refer to the documentation under the \n`docs/` directory.\n\n- [Angora Overview](./docs/overview.md)\n- [Build a target program](./docs/build_target.md)\n- [Running Angora](./docs/running.md)\n- [Use libdft64 for taint tracking](./docs/pin_mode.md)\n- [Example - Fuzz program file by Angora](./docs/example.md)\n- [Run Angora on LAVA](./docs/lava.md)\n- [Exploit attack points](./docs/exploitation.md)\n- [Usage](./docs/usage.md)\n- [Configuration Files](./docs/configuration.md)\n- [Environment variables](./docs/environment_variables.md)\n- [UI Terminology](./docs/ui.md)\n- [Troubleshoot](./docs/troubleshoot.md)\n- [Related 
works](./docs/related_works.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fangorafuzzer%2Fangora","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fangorafuzzer%2Fangora","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fangorafuzzer%2Fangora/lists"}