Skill

performing-fuzzing-with-aflplusplus

Performs coverage-guided fuzzing of compiled binaries with AFL++ to discover memory corruption, crashes, and security vulnerabilities. Includes instrumentation, corpus management, parallel fuzzing, and crash triage.

C++

Linux

security

testing

npx claudepluginhub 26zl/cybersec-toolkit --plugin cybersec-toolkit

Popularity

Stars

Forks

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/cybersec-toolkit:performing-fuzzing-with-aflplusplus

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

AFL++ is a community-maintained fork of American Fuzzy Lop (AFL) that provides coverage-guided

SKILL.md

89 lines · ~675 tokens

Similar Skills

performing-fuzzing-with-aflplusplus

13.2k

3 files

cybersecurity-skills

performing-fuzzing-with-aflplusplus

Perform coverage-guided fuzzing of compiled binaries using AFL++ to discover crashes, memory corruption, and vulnerabilities. Instruments with afl-cc, manages corpora via afl-cmin/tmin, runs afl-fuzz campaigns, triages with GDB.

asi

performing-fuzzing-with-aflplusplus

Executes coverage-guided fuzzing with AFL++ on compiled binaries to discover memory corruption, crashes, and security vulnerabilities. Covers instrumentation with afl-cc, corpus management via afl-cmin/afl-tmin, parallel fuzzing, and crash triage using CASR/GDB.

3 files

cybersecurity-skills-zh

Stats

LanguagePython

Stars11

Forks2

MaintenanceExcellent

Last CommitJun 10, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

Performing Fuzzing with AFL++

Overview

AFL++ is a community-maintained fork of American Fuzzy Lop (AFL) that provides coverage-guided fuzzing for compiled binaries. It instruments targets at compile time or via QEMU/Unicorn mode for binary-only fuzzing, then mutates input corpora to discover new code paths. AFL++ includes advanced scheduling (MOpt, rare), custom mutators, CMPLOG for input-to-state comparison solving, and persistent mode for high-throughput fuzzing.

When to Use

When conducting security assessments that involve performing fuzzing with aflplusplus

When following incident response procedures for related security events

When performing scheduled security testing or auditing activities

When validating security controls through hands-on testing

Prerequisites

AFL++ installed (apt install afl++ or build from source)

Target binary source code (for compile-time instrumentation) or QEMU mode for binary-only

Initial seed corpus of valid inputs for the target format

Linux system with /proc/sys/kernel/core_pattern configured

Steps

Instrument the target binary with afl-cc or afl-clang-fast

Prepare seed corpus directory with minimal valid inputs

Minimize corpus with afl-cmin to remove redundant seeds

Run afl-fuzz with appropriate flags (-i input -o output)

Monitor fuzzing progress via afl-whatsup and UI stats

Triage crashes with afl-tmin minimization and CASR/GDB analysis

Report unique crashes with reproduction steps

Expected Output

+++ Findings +++ unique crashes: 12 unique hangs: 3 last crash: 00:02:15 ago +++ Coverage +++ map density: 4.23% / 8.41% paths found: 1847 exec speed: 2145/sec