Angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
Hello, is there a means to use GCC as the basic compiler for Angora instead of clang so as to fuzz other types of languages like Java, Ada, etc.?
Hi, I try to use Angora to build up [boringssl](https://github.com/google/fuzzer-test-suite/tree/master/boringssl-2016-02-12) in Google's [fuzzer-test-suite](https://github.com/google/fuzzer-test-suite). But I face some problems. Compilation failed. Some "Unknown command line argument" happened. Thank you very much...
## Compile exiv2

```
wget http://exiv2.org/releases/exiv2-0.26-trunk.tar.gz
tar zxvf exiv2-0.26-trunk.tar.gz
cd exiv2-trunk
export CC=/angora/bin/angora-clang CXX=/angora/bin/angora-clang++ LD=/angora/bin/angora-clang
./configure --disable-shared
/angora/tools/gen_library_abilist.sh /usr/lib/x86_64-linux-gnu/libz.so discard > /tmp/zlib_abilist.txt
/angora/tools/gen_library_abilist.sh /usr/lib/x86_64-linux-gnu/libexpat.so discard >> /tmp/zlib_abilist.txt
# and manually...
```
Is it possible to change the instrumentation ratio (i.e. the proportion of branches instrumented), such as with `AFL_INST_RATIO` in afl? This is useful when fuzzing large programs as another way...
Angora uses LLVM DFSan for taint analysis. Even though it is the best taint tracking tool I can find, it is not friendly if your tested program has external libraries. Also,...
```
# /prg/tmp/Angora/angora_fuzzer -i in -o out-angora -t ./unrar.taint -- ./unrar.fast -inul p @@
INFO angora::fuzz_main > CommandOpt { mode: LLVM, id: 0, main: ("./unrar.fast", ["-inul", "p", "@@"]), track: ("./unrar.taint",...
```
Commit: a3b25de4b1d68584d3027c0a0aa3da93bb571959

Program arguments: /home/songlh/workspace/rust/Angora/llvm_install/clang+llvm/bin/clang-7 -cc1 -triple x86_64-unknown-linux-gnu -emit-obj -disable-free -disable-llvm-verifier -discard-value-names -main-file-name mini.c -mrelocation-model pic -pic-level 1 -mthread-model posix -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -dwarf-column-info -debug-info-kind=limited -dwarf-version=4...
## Question

`gif2png` relies on `libpng` and `zlib`. I want to build `gif2png` with a certain version of `libpng`, and want to keep track for `libpng` library. But the libpng build failed. (discard...
In short, when fuzzing pdftotext, Angora generates a tremendous amount of queue files, making analyzing queue coverage infeasible. Here is the detailed experiment setup: The `pdftotext` is compiled using xpdf-4.00. Parallel...
I try to resume interrupted fuzzing:

/angora/angora_fuzzer --input - --output /data -M 2048 -t /d/p/angora/1.exiv2.tt -- /d/p/angora/1.exiv2.fast -pv @@

```
INFO angora::fuzz_main > CommandOpt { mode: LLVM, id: 0, main:...
```