This is an interactive fuzzing tool that visualizes code coverage of a fuzzing campaign and enables the debugger to intervene in the fuzzing queue.
- LLVM 11+
- npm
$ pushd AFLplusplus
$ make LLVM_CONFIG=llvm-config-13
$ popd
$ pushd cli
$ npm install
$ npm run build
$ npm link
$ popdCompile the program to be fuzzed using aflv cc / aflv cxx, which are equivalent to afl-clang-lto / afl-clang-lto++ respectively.
$ aflv cc -o main main.cThe only difference is that aflv cc and aflv cxx generate a source map of the program in .aflv/profile.json.
Run aflv fuzz, which is equivalent to afl-fuzz.
$ aflv fuzz -i in -o out ./mainThen you can see the visualized progress on http://localhost:3000/.