Fuzzing with the generated argument

Overview

WuLearn-fuzz

Fuzzing with the generated argument. It is largely based on Yuan-fuzz; see that project for more detail.

Just change it for fun.

Usage

Install libxml2 first.

Then install it the same way as AFL++ (you will, of course, need to install the usual dependent packages first).

Build it like this:

$ make distrib

The command line usage of WuLearn-fuzz is similar to Yuan-fuzz.

$ ./afl-fuzz -i [testcase_dir] -o [out_dir] -X [~/XML_PATH/parameters.xml] -c [cmplog Target program] -- [Target program]

Basic XML Rule

WuLearn-fuzz's XML rule differs from Yuan-fuzz's. Here is a simple example.

<root>
  <PARAMETER>
    <MUST>true</MUST>
    <ELEMENT>rot</ELEMENT>
    <ELEMENT>flip</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-a 8</ELEMENT>
    <ELEMENT>-d 64</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>true</MUST>
    <ELEMENT>-i</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>true</MUST>
    <ELEMENT>@@</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-b 64,64</ELEMENT>
    <ELEMENT>-b 32,32</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>true</MUST>
    <ELEMENT>-outfile /dev/null</ELEMENT>
  </PARAMETER>
  <PARAMETER>
    <MUST>false</MUST>
    <ELEMENT>-b 64,64</ELEMENT>
    <ELEMENT>-b 32,32</ELEMENT>
  </PARAMETER>
</root>
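As an added example (not code from WuLearn-fuzz itself), the following Python reader parses a rule file in this format and enumerates the command lines it describes. It assumes, since the page does not spell this out, that one ELEMENT is chosen per PARAMETER, that MUST=false parameters may be dropped entirely, and that @@ is expanded to the test-case path as in AFL; the sample XML is constructed.

```python
"""Parse a WuLearn-fuzz style parameters.xml and build argument lists.
Assumed semantics (not stated on the page): each <PARAMETER> contributes at
most one of its <ELEMENT> values, MUST=true ones are always present,
MUST=false ones may be omitted, and '@@' is replaced by the test-case path."""
import itertools
import random
import shlex
import xml.etree.ElementTree as ET

# Constructed sample mirroring the page's rule structure (not the page's file).
SAMPLE_XML = """<root>
  <PARAMETER><MUST>true</MUST><ELEMENT>rot</ELEMENT><ELEMENT>flip</ELEMENT></PARAMETER>
  <PARAMETER><MUST>false</MUST><ELEMENT>-a 8</ELEMENT><ELEMENT>-d 64</ELEMENT></PARAMETER>
  <PARAMETER><MUST>true</MUST><ELEMENT>@@</ELEMENT></PARAMETER>
  <PARAMETER><MUST>true</MUST><ELEMENT>-outfile /dev/null</ELEMENT></PARAMETER>
</root>"""

def parse_rules(xml_text):
    """Return [(must, [element, ...]), ...] in document order."""
    rules = []
    for param in ET.fromstring(xml_text).findall("PARAMETER"):
        must = param.findtext("MUST", "false").strip().lower() == "true"
        elements = [e.text.strip() for e in param.findall("ELEMENT") if e.text]
        if not elements:
            raise ValueError("PARAMETER without any ELEMENT")
        rules.append((must, elements))
    return rules

def choices_for(must, elements):
    """Candidate values for one rule; None stands for 'omitted' (optional only)."""
    return list(elements) if must else [None] + list(elements)

def build_argv(picks, testcase):
    """Join one pick per rule into argv, expanding '@@' the way AFL does."""
    argv = []
    for pick in picks:
        if pick is not None:
            argv += [testcase if tok == "@@" else tok for tok in shlex.split(pick)]
    return argv

def random_argv(xml_text, testcase, seed=0):
    """One generated command line; deterministic for a given seed."""
    rng = random.Random(seed)
    picks = [rng.choice(choices_for(*rule)) for rule in parse_rules(xml_text)]
    return build_argv(picks, testcase)

def all_argvs(xml_text, testcase):
    """Every command line the rules allow (2 * 3 * 1 * 1 = 6 for SAMPLE_XML)."""
    rules = parse_rules(xml_text)
    combos = itertools.product(*(choices_for(*rule) for rule in rules))
    return [build_argv(picks, testcase) for picks in combos]
```

Enumerating with all_argvs is a quick way to sanity-check a rule file before a long campaign: if the list is empty or contains a command line the target rejects outright, the XML is wrong, not the fuzzer.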

Difference:

TODO

  • Support parallel fuzzing.
  • Add k-means clustering to group seeds.
  • ...

Thanks

Built by modifying Yuan-fuzz and AFLplusplus.

Owner
WuLearn
@SQLab