ConAFL

AFL enhanced for concurrency bug and vulnerabilities This repo mainly does two things:

Evenly explore every forked threads
If any pair(s) of sensitive concurrent operations are annotated, this fuzzer will enforce the execution order for those 2 operations. If no pair of sensitive operations are annotated, then this does nothing.

How to run

make

Compile the target program with the generated afl-gcc ,also be sure to add -g -pthread flag when compiling the program
launch the fuzzer by afl-fuzz -m 1GB -i <in dir> + -o + <out dir> + -- <compiled executable> + @@

compile-run.py is just an ad-hoc helper for step 2 and 3.

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
dictionaries		dictionaries
libdislocator		libdislocator
libtokencap		libtokencap
llvm_mode		llvm_mode
qemu_mode		qemu_mode
.gitignore		.gitignore
Makefile		Makefile
QuickStartGuide.txt		QuickStartGuide.txt
README		README
README.md		README.md
afl-analyze.c		afl-analyze.c
afl-as.c		afl-as.c
afl-as.h		afl-as.h
afl-fuzz.c		afl-fuzz.c
afl-gcc.c		afl-gcc.c
afl-gotcpu.c		afl-gotcpu.c
afl-showmap.c		afl-showmap.c
afl-tmin.c		afl-tmin.c
alloc-inl.h		alloc-inl.h
compile-run.py		compile-run.py
conafl.txt		conafl.txt
config.h		config.h
debug.h		debug.h
hash.h		hash.h
test-instr.c		test-instr.c
types.h		types.h