AFL (American Fuzzy Lop) is a widely used graybox fuzzer that discovers bugs by mutating inputs and steering execution using lightweight instrumentation. Instead of relying on random mutations alone, it uses coverage feedback to evolve its input corpus, pushing programs into deeper and more interesting code paths. Its workflow is designed for a quick start: point it at a target binary built with compile-time instrumentation (or use the QEMU-based mode when recompilation isn’t possible), seed it with a small corpus, and let it iterate. AFL is known for finding serious security issues in complex software thanks to its corpus minimization, queue management, and deterministic mutation stages, which together balance breadth and depth. It provides crash triage helpers and test case minimization so developers can reproduce and fix issues quickly. The design deliberately optimizes for robustness and speed on commodity hardware, which helped it become a standard part of many security testing pipelines.
Features
- Coverage-guided fuzzing with genetic-style input evolution
- Compile-time or QEMU-based instrumentation options
- Corpus curation and deterministic mutation stages
- Crash reproduction and test case minimization tools
- Simple CLI workflow suited for CI and long runs
- Proven effectiveness on large, complex codebases
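As an added illustration (not AFL's own code), the C sketch below mirrors the edge-coverage scheme described in AFL's technical whitepaper: each instrumented block records `cur_loc ^ prev_loc` in a shared map and shifts `prev_loc`, and an input is kept as a new seed only if it lights up a map byte never seen before. The toy target, its block IDs, and the simplification of AFL's hit-count buckets to plain seen/unseen are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAP_SIZE 65536
/* Coverage map filled by one run, and the "virgin" map of edges seen so far. */
static uint8_t trace_bits[MAP_SIZE];
static uint8_t virgin_bits[MAP_SIZE];
static uint16_t prev_loc;

/* What AFL's instrumentation inserts at a basic block with compile-time ID cur_loc. */
static void afl_log(uint16_t cur_loc) {
    trace_bits[cur_loc ^ prev_loc]++;   /* edge (prev, cur) hashed into the map */
    prev_loc = cur_loc >> 1;            /* shift so A->B and B->A hash differently */
}

/* Toy target with nested branches; block IDs are constructed for this example. */
static void target(const char *buf, size_t len) {
    afl_log(0x1234);
    if (len > 0 && buf[0] == 'A') {
        afl_log(0x2345);
        if (len > 1 && buf[1] == 'F') {
            afl_log(0x3456);
            if (len > 2 && buf[2] == 'L') afl_log(0x4567);
        }
    }
}

/* Simplified: real AFL buckets hit counts; here an edge is just seen or unseen. */
static int has_new_bits(void) {
    int found = 0;
    for (size_t i = 0; i < MAP_SIZE; i++)
        if (trace_bits[i] && !virgin_bits[i]) { virgin_bits[i] = 1; found = 1; }
    return found;
}

/* Run one input; returns 1 if the queue would keep it as a new seed. */
int run_and_judge(const char *buf, size_t len) {
    memset(trace_bits, 0, sizeof trace_bits);
    prev_loc = 0;
    target(buf, len);
    return has_new_bits();
}

int main(void) {
    const char *corpus[] = {"xyz", "Axx", "AFx", "AFL", "AFL"};
    for (int i = 0; i < 5; i++)
        printf("%s -> %s\n", corpus[i], run_and_judge(corpus[i], 3) ? "kept (new edge)" : "dropped");
    return 0;
}
```

Each input that reaches one branch deeper is kept, while the repeated "AFL" adds no new edge and is dropped, which is the selection pressure that makes the corpus evolve toward deeper paths.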