https://github.com/adrianherrera/afl-mutation-graph
Recover mutation graph from an AFL seed
- Host: GitHub
- URL: https://github.com/adrianherrera/afl-mutation-graph
- Owner: adrianherrera
- Created: 2019-11-15T14:31:14.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2021-01-06T10:47:34.000Z (over 5 years ago)
- Last Synced: 2025-03-28T23:43:34.657Z (over 1 year ago)
- Topics: afl, afl-fuzz, fuzzing
- Language: Python
- Homepage:
- Size: 263 KB
- Stars: 59
- Watchers: 3
- Forks: 6
- Open Issues: 1
Metadata Files:
- Readme: README.md
README
# AFL Mutation Graph
Recovers an approximation of the mutation graph (specifically, a DAG) that led
to a particular seed (or set of seeds) in an
[AFL](http://lcamtuf.coredump.cx/afl/)/[AFL++](https://aflplus.plus/) queue.
The graph can be saved in Graphviz DOT format.
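
Where that lineage comes from, as an added Python sketch (not this project's code): it assumes the stock AFL/AFL++ file naming, in which each queue or crash entry records its direct parents in `src:` and the mutation stage in `op:`. The sample names are constructed, and the node shapes follow the legend this README gives for its example graph.

```python
# Constructed sample base names in AFL's naming convention (four queue entries, one crash).
SAMPLE = [
    "id:000000,orig:seed.bin",
    "id:000001,orig:other.bin",
    "id:000002,src:000000,op:havoc,rep:4,+cov",
    "id:000003,src:000001+000002,op:splice,rep:2",
    "id:000000,sig:11,src:000003,op:havoc,rep:8",
]

def parse_name(name):
    """Split a file name into key:value fields; flags such as '+cov' are dropped."""
    head, _, orig = name.partition(",orig:")  # the original seed name may hold ',' or ':'
    fields = dict(p.split(":", 1) for p in head.split(",") if ":" in p)
    if orig:
        fields["orig"] = orig
    return fields

def build_graph(names):
    """Return ({node: shape}, [(parent, child, op)]) for the given file names."""
    nodes, edges = {}, []
    for name in names:
        f = parse_name(name)
        crash = "sig" in f
        node = ("crash:" if crash else "") + f["id"]  # crash ids are numbered separately
        nodes[node] = "hexagon" if crash else "box" if "orig" in f else "ellipse"
        for parent in filter(None, f.get("src", "").split("+")):  # splice has two parents
            edges.append((parent, node, f.get("op", "")))
    return nodes, edges

def ancestors(edges, target):
    """Every node that target descends from, found by walking src links backwards."""
    parents = {}
    for src, dst, _ in edges:
        parents.setdefault(dst, set()).add(src)
    seen, stack = set(), [target]
    while stack:
        for p in parents.get(stack.pop(), set()) - seen:
            seen.add(p)
            stack.append(p)
    return seen

def to_dot(nodes, edges):
    """Render the graph as Graphviz DOT text."""
    lines = [f'  "{n}" [shape={s}];' for n, s in nodes.items()]
    lines += [f'  "{a}" -> "{b}" [label="{op}"];' for a, b, op in edges]
    return "\n".join(["digraph mutations {", *lines, "}"])

if __name__ == "__main__":
    print(to_dot(*build_graph(SAMPLE)))
```

File names record only direct parents and the last stage applied, which is one reason a graph recovered this way is an approximation.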
To graph the relationships between all queue inputs:
```bash
python afl_mutation_graph.py -o queue.dot $(find queue/ -wholename 'queue/id:*')
dot -Tpdf -O queue.dot
```
Example mutation graph, starting from a corpus of seeds (in rectangles).
Hexagon nodes are crashing seeds:
