Fuzzilli intermediate language - program generator

[ccrashes]

Hi . I want to know more about fuzzilli intermedia language generator and it's design? where can I find this information ?

And which parts of fuzzilli is responsible to generate this IL ? is it only this one which take care of IL generation? (https://github.com/googleprojectzero/fuzzilli/blob/main/Sources/Fuzzilli/Core/ProgramBuilder.swift) .

I am interested to know more about intermediate language and how can I write my own custom intermediate language to better understand how fuzzilli does generate and mutate js code .

My second question is : Is it possible to change fuzzilli in a way to support more apis than just javascript? I mean custom apis in web browsers .

Thank you!

[saelo]

Hi! You can find information about the IL and how it's used in Fuzzilli here: https://github.com/googleprojectzero/fuzzilli/blob/main/Docs/HowFuzzilliWorks.md apart from that, the next best source of information is probably the source code, e.g. for the MutationEngine.

There is no reason why you couldn't add various web APIs to Fuzzilli's Environment Model. The harder part is probably to get Fuzzilli running against a full browser renderer process instead of just a JavaScript shell.