ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-11 17:51:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ec87abda93d68f489f26ed2a2ae75b4f1e26d0bb
AFLplusplus/custom_mutators/autotokens
History
vanhauser-thc ec87abda93 readme
2023-02-04 14:37:28 +01:00
..
autotokens.cpp
more autotoken options
2023-02-04 14:34:47 +01:00
Makefile
autotoken: splicing; splice_optout
2023-01-18 22:17:14 +01:00
README
readme
2023-02-04 14:37:28 +01:00
TODO
more autotoken options
2023-02-04 14:34:47 +01:00

README 

# autotokens

This implements an improved autotoken grammar fuzzing idea presented in
[Token-Level Fuzzing][https://www.usenix.org/system/files/sec21-salls.pdf].
It is a grammar fuzzer without actually knowing the grammar.

It is recommended to run with together in an instance with `CMPLOG`.

If you have a dictionary (`-x`) this improves this custom grammar mutator.

If **not** running with `CMPLOG`, it is possible to set
`AFL_CUSTOM_MUTATOR_ONLY` to concentrate on grammar bug classes.

Do **not** set `AFL_DISABLE_TRIM` with this custom mutator!

## Configuration via environment variables

`AUTOTOKENS_ONLY_FAV` - only use this mutator on favorite queue items
`AUTOTOKENS_COMMENT` - what character or string starts a comment which will be
                       removed. Default: `/* ... */`
`AUTOTOKENS_FUZZ_COUNT_SHIFT` - reduce the number of fuzzing performed, shifting
                                the value by this number set, e.g. 1.
`AUTOTOKENS_LEARN_DICT` - learn from dictionaries?
                          0 = none
                          1 = only -x or autodict
                          2 = -x, autodict and `CMPLOG`
`AUTOTOKENS_ALTERNATIVE_TOKENIZE` - use an alternative tokenize implementation
                                   (experimental)
`AUTOTOKENS_WHITESPACE` - whitespace string to use for ALTERNATIVE_TOKENIZE,
                          default is " "