-run_lf.py:
Runs libFuzzer for 6 hours on 4 threads, and starts the covtracker.
Usage: run_lf.py <lf_binary> <seed_corp_dir> <out_corp_dir> <dictionary(optional)>
-run_afl.py:
Runs AFL for 6 hours on 4 threads, and starts the covtracker.
Usage: run_afl.py <afl_binary> <seed_corp_dir> <out_corp_dir> <dictionary(optional)>
-run_cooperative.py:
Runs the cooperative fuzzer of AFL and libFuzzer, for 12 hours on 4 threads (per round: afl 40min, lf 20min).
Uses an inbuilt coverage tracker that copies the synthesized corpus every time a fuzzer finishes its timeframe.
Usage: run_cooperative.py <lf_binary> <afl_binary> <seed_corp_dir> <out_corp_dir> <dictionary(optional)>
-covtracker.py:
Periodically copies the current corpus to the directory "r_<specified_output_corpus>" (and collects all of them here).
Currently the measurement interval is set to 1 hour.
Usage: covtracker.py <afl_or_lf_or_coop> <seed_corp_dir> <out_corp_dir>
-metric_cov.py:
Calculates the coverage progression given a collection of corpora (takes the folder produced by covtracker as input).
Usage: metric_cov.py <nosan_binary> <covtracker_dir>
-metric_speed.py:
Calculates the average speed over multiple threads for the AFL and libFuzzer stand-alone setups (provided the output corpus (AFL) or log files (libFuzzer)).
Usage: python2.7 metric_speed.py <lf_or_afl> <covtracker_dir> <afl_dir(only for afl)>