AFL-FUZZ(1) afl AFL-FUZZ(1)
afl-fuzz - code fuzzer for American Fuzzy Lop (afl)
afl-fuzz -i <testcase_dir> -o <findings_dir> [options] --
This program takes an binary and attempts a variety of fuzzing strate-
gies, paying close attention on how they affect the execution path.
To operate correctly, the fuzzer requires one or more starting files
containing the typical input normally expected by the targeted applica-
For instrumentated fuzzing, the binary must be compiled using either
one of the shipped gcc or clang wrappers. Put -n to fuzz w/o instrumen-
tation in dumb mode.
Please regard that a full fuzzing process takes a lot of time. For
exhaustive information on afl, see the documentation in
Run afl-fuzz without any arguments to see a complete list of options.
afl-gcc(1), afl-g++(1), afl-clang(1), afl-clang++(1), afl-clang-
fast(1), afl-clang-fast++(1), afl-showmap(1), afl-cmin(1), afl-tmin(1),
afl-analyze(1), afl-gotcpu(1), afl-plot(1), afl-whatsup(1)
American Fuzzy Lop is written by Michal Zalewski <email@example.com>.
Forkserver design by Jann Horn <firstname.lastname@example.org>. This manpage
was written by Daniel Stender <email@example.com>.