Skip to content
Snippets Groups Projects
Select Git revision
  • 53-add-ubuntu24-support-for-zafl
  • master default protected
  • update_for_new_os
  • 47-add-tests-for-afl-tmin-and-afl-cmin
  • fix-test-with-aflpp-or-afl
  • 1-add-ci-variable
  • 44-pie-binaries-silently-fail-without-auto-zafl-libraries
  • speedup-domgraph
  • readme_updates
  • stevenagy-master-patch-23272
  • 41-docker-setup-missing-from-readme
  • patch-zut-hitcount-main
  • fix-ubuntu16
  • 36-ready-zafl-for-distribution-a-la-irdb-cookbook
  • fibre_for_windows
  • aware-sw-delivery
  • copyright-headers
  • 18-new-instrumentation-for-laf-intel
  • 14-add-prev_id-context_id-to-fix-map-optimization
  • 7-missing-zafl-afl-functional-tests
  • gt_eval
  • Release-2-26-2021
22 results
Blame Permalink
To learn more about this project, read the wiki.
README.md 10.67 KiB

ZAFL: Zipr-based AFL

Welcome to ZAFL: a project to extend compiler-quality instrumentation speed and transformation support to the fuzzing of x86-64 binary programs. The key features of ZAFL include:

  • Fast, space-efficient, and inlined binary fuzzing instrumentation via the Zipr binary rewriting infrastructure.
  • A platform to extend and combine compiler-style code transformations (e.g., CMP unfolding) to binary-only fuzzing.
  • Full compatibility with the AFL and AFLPlusPlus fuzzer ecosystem.
  • For more information, video demos, troubleshooting, and licensing, please see our wiki page.
Citing this repository: @inproceedings{nagy:breakingthrough, title = {Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing}, author = {Stefan Nagy and Anh Nguyen-Tuong and Jason D. Hiser and Jack W. Davidson and Matthew Hicks}, booktitle = {{USENIX} Security Symposium (USENIX)}, year = {2021},}
Licensing: See our Licensing wiki page.
Disclaimer: This software is provided as-is with no warranty.

Prerequisites

  • Install environment: ZAFL's installation currently supports recent 64-bit Linux environments (i.e., Ubuntu 16.04 and up).
  • Supported binaries: ZAFL supports instrumenting/transforming x86-64 Linux binaries of varying type (C and C++, stripped and unstripped, and position independent and position-non-independent). At this time, ZAFL cannot support binaries with DRM, obfuscation, or tamper-resistant protections.
  • Windows binaries: ZAFL offers preliminary cross-platform instrumentation support for Windows 7 PE32+ binaries, though WinAFL-compatible fuzzing instrumentation is not yet supported at this time.
  • Recommended installation: For first-time users we recommend the Docker-based installation. For developers and advanced users we recommend the source-based installation.

Installation from Docker (recommended)

The following instructions assume you are running a compatible Linux environment (i.e., Ubuntu 16.04 and up) with AFL installed.

Step 0: Install the libzafl support library

See the instructions located here: https://git.zephyr-software.com/opensrc/libzafl