Original AFL supports black-box coverage-guided fuzzing using QEMU mode. I highly recommend to try it first and if it doesn’t work you can try drAFL tool. Usage You need to specify DRRUN_PATH to point to drrun launcher and LIBCOV_PATH to point to libbinafl.so coverage library. You also need to switch off AFL’s fork server (AFL_NO_FORKSRV=1) …
Continue reading “DrAFL : Fuzzing Binaries With No Source Code On Linux”