Fuzz-related technical blogs
A record of the better blog sites encountered while studying fuzzing for research.
1. AFL
Notes on AFL internal implementation details - 记事本 (rk700.github.io)
An overview of AFL file mutations - 记事本 (rk700.github.io)
A small experiment in improving AFL - 记事本 (rk700.github.io)
AFL whitepaper: https://www.jianshu.com/p/9e387c815c1d
https://thepatrickstar.github.io/afl-white-paper/
Kanxue (看雪), posts by 有毒
https://bbs.kanxue.com/thread-269534.htm
https://bbs.kanxue.com/thread-269536.htm
https://bbs.kanxue.com/thread-269537.htm
Roland
https://bbs.kanxue.com/thread-265973.htm
https://bbs.kanxue.com/thread-265936.htm
https://yuanbaoder.gitee.io/posts/fef7.html
https://yuanbaoder.gitee.io/posts/db73.html
virgin_bits
https://mem2019.github.io/jekyll/update/2019/08/26/AFL-Fuzzer-Notes-2.html
https://paper.seebug.org/842/#2-basic-block
https://eternalsakura13.com/2020/08/23/afl/ ⭐
跳跳糖 (tttang) – AFL
https://tttang.com/archive/1595/#toc__5
Seebug
https://paper.seebug.org/1732/
CSDN
https://blog.csdn.net/m0_37907383/article/details/105419989
IoTsec-Zone ⭐
Posts by 有毒
https://www.iotsec-zone.com/article?id=274
https://www.iotsec-zone.com/article?id=249
Fuzzing libmodbus with AFL
https://blog.csdn.net/qq_42768012/article/details/118567601
2. AFLNET
AFLNET source code analysis 1
https://blog.csdn.net/m0_50819561/article/details/129326221
https://blog.csdn.net/m0_50819561/article/details/129905278
https://blog.csdn.net/m0_50819561/article/details/129704417
AFLNET source code analysis 2
https://blog.csdn.net/von_Neumann_/article/details/127768296
https://blog.csdn.net/von_neumann_/category_12095073.html
AFLNET source code analysis 3
https://bbs.kanxue.com/thread-276269.htm
FuzzWiki – AFLNET
https://mp.weixin.qq.com/s/cVWIeg6rVjtlmceT1fizAA
3. libFuzzer
Coverage instrumentation tool SanitizerCoverage
https://clang.llvm.org/docs/SanitizerCoverage.html#tracing-control-flow
Official documentation
https://llvm.org/docs/LibFuzzer.html#getting-started
Google tutorial: https://github.com/google/fuzzing/blob/master/tutorial/libFuzzerTutorial.md
libfuzzer-workshop: https://github.com/Dor1s/libfuzzer-workshop
Project repository:
https://github.com/llvm/llvm-project/tree/main/compiler-rt/lib/fuzzer
Technical blogs
https://blog.csdn.net/weixin_42733202/article/details/119715246
https://bbs.kanxue.com/thread-274792.htm
https://blog.csdn.net/Alicheche/article/details/127266732
libFuzzer compilation and linking: https://i-m.dev/posts/20190831-143715.html
libFuzzer and LLVM: https://p1umer.github.io/2019/02/20/libfuzzer%20&%20LLVM%20%E5%88%9D%E6%8E%A2/
4. SanitizerCoverage
https://github.com/lcatro/Source-and-Fuzzing/tree/master
Older version: https://bcain-llvm.readthedocs.io/projects/clang/en/latest/SanitizerCoverage/
https://blog.csdn.net/yuanbinquan/article/details/106767635
Personal blog sites
https://myfzy.top/2021/03/16/symcc+afl/
https://blog.csdn.net/Alicheche?type=blog
Software testing: https://swen90006.github.io/notes/intro.html
libFuzzer source: https://github.com/llvm-mirror/compiler-rt/tree/master/lib/fuzzer
clang: http://www.helloted.com/ios/2020/06/28/clang/
Study sites provided by Prof. Chen
libFuzzer uses path coverage (AFL uses edge coverage): https://llvm.org/docs/LibFuzzer.html#getting-started
“If a mutation triggers execution of a previously-uncovered path in the code under test, then that mutation is saved to the corpus for future variations.”
See whether libFuzzer's path-coverage collection module can be extracted and reused on its own.
Alternatively, use this tool to record control flow and treat it as path coverage (still need to confirm whether the control flow it records actually reflects path coverage):
https://clang.llvm.org/docs/SanitizerCoverage.html#id10
AFL used to fuzz protocol software: https://www.cnblogs.com/hac425/p/9416917.html
This module provides a Python wrapper for interacting with fuzzers (e.g. AFL): https://github.com/angr/phuzzer
This module provides a Python wrapper for interacting with fuzzers, such as AFL (American Fuzzy Lop: http://lcamtuf.coredump.cx/afl/). It supports starting an AFL instance, adding slave workers, injecting and retrieving testcases, and checking various performance metrics.
boofuzz source code notes
https://www.iotsec-zone.com/article?id=322
fuzz101 hands-on practice
https://www.iotsec-zone.com/article?id=245
Fuzzing-Like-A-Caveman, Chinese translation
Part 1: https://www.anquanke.com/post/id/202982
Part 2: https://www.anquanke.com/post/id/202989
Part 3: https://www.anquanke.com/post/id/207307