afl.rs
Screen recording of AFL running on Rust code.
## Hints
Before starting to fuzz, you should reconfigure your system for optimal
performance and better crash detection. This can be done with `cargo-afl afl system-config`.
But this subcommand requires root, so it uses sudo internally. Hence, you might need to enter
your password.
By default, the AFL++ [CMPLOG](https://github.com/AFLplusplus/AFLplusplus/blob/stable/instrumentation/README.cmplog.md)
feature is activated, which helps to achieve good code coverage.
However, it is not beneficial to activate CMPLOG on more than two instances.
So if you run multiple AFL++ instances on your fuzzing target, you can disable CMPLOG by specifying the command line parameter '-c -'.
This [document](https://github.com/AFLplusplus/AFLplusplus/blob/stable/docs/fuzzing_in_depth.md)
will familiarize you with AFL++ features to help in running a successful fuzzing campaign.
By default, the `fuzzing` config is set when `cargo-afl` is used to build. If you want to prevent this, just set the
environment variable `AFL_NO_CFG_FUZZING` to `1` when building.
[conditional compilation]: https://doc.rust-lang.org/reference.html#conditional-compilation
[Cargo feature]: http://doc.crates.io/manifest.html#the-[features]-section
[example-defer]: https://github.com/frewsxcv/afl.rs/blob/master/examples/deferred-init.rs
[LLVM pass]: https://github.com/frewsxcv/afl.rs/blob/master/plugin/src/afl-llvm-pass.o.cc
[example]: https://github.com/frewsxcv/afl.rs/blob/master/afl/examples/hello.rs
[Cargo]: http://doc.crates.io/
[unresolved issue]: https://github.com/frewsxcv/afl.rs/issues/11
[fuzz testing]: https://en.wikipedia.org/wiki/Fuzz_testing
[rustup]: https://rustup.rs/
[american-fuzzy-lop]: http://lcamtuf.coredump.cx/afl/
[AFLplusplus]: https://aflplus.plus/
[rust]: https://www.rust-lang.org