In step 4, an in-memory hook has been added to further improve performance (see afl_config.sh).
corpus: folder containing the initial corpus. In this case, it simply contains a certificate generated using OpenSSL;
afl_config.sh: script containing all the configuration options for AFL++;
build_corpus.sh: script to minimize corpus files and make the corpus unique;
fuzz.sh: script to launch AFL++-QEMU on our target.
This step also adds a dependency on the hook folder.
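As an added example (not the hook shipped in the project's hook folder), this is what such an in-memory persistent hook looks like for an x86_64 target. It assumes the persistent-loop address points at a parse function taking (buffer, length) in rdi/rsi and that the guest buffer holds at least CERT_BUF_MAX bytes; the register struct is a local stand-in whose field names follow qemuafl's api.h, which a real build would include instead.

```c
/* Example AFL++-QEMU persistent hook for in-memory fuzzing (x86_64).
 * Added example, not the project's own hook. Build as a shared object:
 *   gcc -shared -fPIC -o hook.so hook.c
 * and point AFL_QEMU_PERSISTENT_HOOK at hook.so (together with
 * AFL_QEMU_PERSISTENT_ADDR) in the AFL++ configuration script. */
#include <stdint.h>
#include <string.h>

/* Minimal stand-in for the register struct qemuafl passes to the hook.
 * A real build includes qemuafl/api.h instead (same field names). */
struct x86_64_regs {
  uint64_t rax, rbx, rcx, rdx, rdi, rsi, rbp, rsp;
  uint64_t r8, r9, r10, r11, r12, r13, r14, r15;
  uint64_t rip, eflags;
};

#define CERT_BUF_MAX 4096 /* assumed capacity of the target's input buffer */

/* Returning 1 tells AFL++ to hand each test case to the hook in memory
 * instead of writing it to a file before every iteration. */
int afl_persistent_hook_init(void) { return 1; }

/* Called at the persistent-loop address before every execution.
 * Guest pointers must be offset by guest_base to get host addresses. */
void afl_persistent_hook(struct x86_64_regs *regs, uint64_t guest_base,
                         uint8_t *input_buf, uint32_t input_buf_len) {
  /* Clamp so a large test case can never overrun the guest buffer. */
  if (input_buf_len > CERT_BUF_MAX) input_buf_len = CERT_BUF_MAX;

  uint8_t *guest_cert = (uint8_t *)(uintptr_t)(regs->rdi + guest_base);
  memcpy(guest_cert, input_buf, input_buf_len); /* first arg: buffer */
  regs->rsi = input_buf_len;                    /* second arg: length */
}
```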
Assuming you haven't already compiled the target:
make -C ../src
To build the corpus (only needs to be done once):
./build_corpus.sh
Warning: The corpus format is different for this step, so it must be rebuilt.
To start a campaign, simply run:
./fuzz.sh