Executes coverage-guided fuzzing with AFL++ on compiled binaries to discover memory corruption, crashes, and security vulnerabilities. Covers instrumentation with afl-cc, corpus management via afl-cmin/afl-tmin, parallel fuzzing, and crash triage using CASR/GDB.
Install: npx claudepluginhub killvxk/cybersecurity-skills-zh
AFL++ is the community-maintained fork of American Fuzzy Lop (AFL) and provides coverage-guided fuzzing of compiled binaries. It instruments the target either at compile time or, for binary-only fuzzing, through its QEMU/Unicorn modes, then mutates an input corpus to discover new code paths. AFL++ adds advanced scheduling (the MOpt mutator scheduler and the rare power schedule, among others), custom mutators, CMPLOG for input-to-state comparison solving, and persistent mode for high-throughput fuzzing.
Perform coverage-guided fuzzing of compiled binaries using AFL++ to discover crashes, memory corruption, and vulnerabilities. Instruments with afl-cc, manages corpora via afl-cmin/tmin, runs afl-fuzz campaigns, triages with GDB.
Performs coverage-guided fuzzing of compiled binaries with AFL++ to discover crashes and vulnerabilities. Instruments targets, manages corpora, runs parallel campaigns, triages crashes.
Integrates AFL++ coverage-guided fuzz testing into CI/CD pipelines for C/C++ and compiled apps to detect memory corruption, input handling, and logic vulnerabilities.
Prerequisites:
- AFL++ installed (apt install afl++, or build from source)
- A Linux host whose /proc/sys/kernel/core_pattern does not pipe core dumps to an external handler (afl-fuzz aborts at startup otherwise; as root, echo core > /proc/sys/kernel/core_pattern fixes it)

Workflow:
1. Instrument the target binary with afl-cc or afl-clang-fast
2. Minimize the corpus with afl-cmin to drop redundant seeds
3. Run afl-fuzz (-i input directory -o output directory)
4. Triage crashes: minimize each one with afl-tmin, then analyze it with CASR/GDB

Sample summary output:

+++ Findings +++
Unique crashes: 12
Unique hangs: 3
Last crash: 00:02:15 ago
+++ Coverage +++
Map density: 4.23% / 8.41%
Paths found: 1847
Exec speed: 2145/sec
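The workflow above as one campaign driver script. This is an added example, not code from the skill or from the AFL++ project: it checks core_pattern, builds an ASan-instrumented binary plus a CMPLOG binary with afl-clang-fast, minimizes seeds with afl-cmin, launches one main and several secondary afl-fuzz instances on different schedules (fast, rare, MOpt), minimizes each crash with afl-tmin and pulls a GDB backtrace, then summarizes the main node's fuzzer_stats. Assumptions made for illustration: a single-file C target built as ./target that reads the file named by @@, an AFL_RUNTIME variable for campaign length, and a constructed fuzzer_stats excerpt used to exercise the stats reader without AFL++ installed.

```shell
#!/bin/sh
# Added example (not code from the original skill or from AFL++): campaign
# driver for core_pattern check, instrumented build, afl-cmin, parallel
# afl-fuzz, afl-tmin + GDB triage and a fuzzer_stats summary. Assumed: a
# single-file C target built as ./target that reads the file given by @@.
set -u
RUNTIME=${AFL_RUNTIME:-3600}   # assumed knob: campaign length in seconds, passed to afl-fuzz -V

# afl-fuzz refuses to start when core dumps are piped to an external handler
# (core_pattern starting with '|'), since the handler delays crash detection.
# Fix: echo core | sudo tee /proc/sys/kernel/core_pattern
check_core_pattern() {
  pattern_file=${1:-/proc/sys/kernel/core_pattern}
  [ -r "$pattern_file" ] || return 1
  case "$(cat "$pattern_file")" in
    '|'*) return 1 ;;
    *)    return 0 ;;
  esac
}

# Two instrumented builds: the fuzzing binary with AddressSanitizer so memory
# errors fail loudly, and a CMPLOG build for input-to-state solving (-c).
build_target() {
  src=$1; out=$2
  AFL_USE_ASAN=1 afl-clang-fast -g -o "$out" "$src" || return 1
  AFL_LLVM_CMPLOG=1 afl-clang-fast -o "$out.cmplog" "$src"
}

# Command line for instance $1: 0 is the main node (-M) carrying CMPLOG; the
# rest are secondaries (-S) on different schedules so the campaign does not
# converge on a single strategy.
afl_fuzz_cmd() {
  idx=$1; corpus=$2; out=$3; target=$4
  if [ "$idx" -eq 0 ]; then
    role="-M main -c $target.cmplog"; sched="-p fast"
  else
    role="-S sec$idx"
    case $((idx % 3)) in
      1) sched="-p rare" ;;      # rare power schedule: favour seldom-hit edges
      2) sched="-L 0" ;;         # MOpt mutator scheduling
      *) sched="-p explore" ;;
    esac
  fi
  printf 'afl-fuzz -i %s -o %s -V %s %s %s -- %s @@\n' \
    "$corpus" "$out" "$RUNTIME" "$role" "$sched" "$target"
}

# Read one key from fuzzer_stats ("saved_crashes     : 12" -> 12).
stat_value() {
  awk -v k="$1" '$1 == k && $2 == ":" { print $3 }' "$2"
}

campaign_summary() {
  printf 'crashes=%s hangs=%s corpus=%s execs/s=%s\n' \
    "$(stat_value saved_crashes "$1")" "$(stat_value saved_hangs "$1")" \
    "$(stat_value corpus_count "$1")" "$(stat_value execs_per_sec "$1")"
}

# Shrink each crash with afl-tmin, then take a backtrace. abort_on_error=1
# makes ASan abort instead of exiting, so GDB stops at the fault rather than
# reporting a clean exit after the sanitizer's own report.
triage_crashes() {
  out=$1; target=$2
  for crash in "$out"/main/crashes/id:*; do
    [ -e "$crash" ] || continue
    afl-tmin -i "$crash" -o "$crash.min" -- "$target" @@
    ASAN_OPTIONS=abort_on_error=1 gdb -batch -ex run -ex bt --args "$target" "$crash.min"
  done
}

run_campaign() {
  src=$1; seeds=$2; out=$3; jobs=${4:-$(nproc)}
  check_core_pattern || { echo 'fix /proc/sys/kernel/core_pattern first' >&2; return 1; }
  build_target "$src" ./target || return 1
  afl-cmin -i "$seeds" -o "$out.cmin" -- ./target @@ || return 1
  i=0
  while [ "$i" -lt "$jobs" ]; do
    sh -c "$(afl_fuzz_cmd "$i" "$out.cmin" "$out" ./target)" >"$out.log.$i" 2>&1 &
    i=$((i + 1))
  done
  wait                        # every instance exits after -V $RUNTIME seconds
  triage_crashes "$out" ./target
  campaign_summary "$out/main/fuzzer_stats"
}

# Constructed fuzzer_stats excerpt (not from a real run) so the stats reader
# can be exercised without AFL++ installed.
sample_stats() {
  f=$(mktemp)
  cat >"$f" <<'EOF'
corpus_count      : 1847
saved_crashes     : 12
saved_hangs       : 3
execs_per_sec     : 2145.31
bitmap_cvg        : 4.23%
EOF
  printf '%s\n' "$f"
}

if [ "$#" -ge 3 ]; then run_campaign "$@"; fi   # usage: sh afl_campaign.sh target.c seeds out [jobs]
```

Run it as sh afl_campaign.sh target.c seeds out 4 to fuzz with four instances for AFL_RUNTIME seconds; crashes land in out/main/crashes with a .min twin beside each. The main node gets CMPLOG because the comparison solver is expensive and one instance is enough to feed solved inputs to the others through the shared sync directory. If the target already exits with an ASan report rather than a signal, keep abort_on_error=1 set when reproducing outside GDB too, or afl-tmin and CASR will see a clean exit.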