aflpp

# AFL++ AFL++ is a fork of the original AFL fuzzer that offers better fuzzing performance and more advanced features while maintaining stability. A major benefit over libFuzzer is that AFL++ has stable support for running fuzzing campaigns on multiple cores, making it ideal for large-scale fuzzing efforts. ## When to Use | Fuzzer | Best For | Complexity | |--------|----------|------------| | AFL++ | Multi-core fuzzing, diverse mutations, mature projects | Medium | | libFuzzer | Quick setup, single-threaded, simple harnesses | Low | | LibAFL | Custom fuzzers, research, advanced use cases | High | **Choose AFL++ when:** - You need multi-core fuzzing to maximize throughput - Your project can be compiled with Clang or GCC - You want diverse mutation strategies and mature tooling - libFuzzer has plateaued and you need more coverage - You're fuzzing production codebases that benefit from parallel execution ## Quick Start ```c++ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { // Call your code with fuzzer-provided data check_buf((char*)data, size); return 0; } ``` Compile and run: ```bash # Setup AFL++ wrapper script first (see Installation) ./afl++ docker afl-clang-fast++ -DNO_MAIN=1 -O2 -fsanitize=fuzzer harness.cc main.cc -o fuzz mkdir seeds && echo "aaaa" > seeds/minimal_seed ./afl++ docker afl-fuzz -i seeds -o out -- ./fuzz ``` ## Installation AFL++ has many dependencies including LLVM, Python, and Rust. We recommend using a curren...