1. 5

  2. 3

    I guess I don’t know the context of this link. AFAICT, it’s just a link to a random project’s quickstart guide?

    1. 3

      It’s the American fuzzy lop’s quick start guide. AFL and related stuff are frequently linked here and on Hacker News.

      1. 1

        AFL is probably the most advanced AI in software testing today, and has found hundreds of high-profile, exploitable bugs in widely-used, high-quality software. Also, it has successfully reverse-engineered instances of the JPEG format and SQL syntax by testing libjpeg and SQLite.

        1. 1

          AFL is good, but I doubt it is the most advanced. For example, SAGE exists.

          1. 1

            I didn’t know about SAGE. It sounds like SAGE and AFL are very similar in many ways, and it’s tricky to call, but I think AFL is still probably more capable. Both use statistical AI techniques to guide white-box fuzzing, but where SAGE uses an SMT constraint solver to do abstract execution in order to efficiently explore execution paths, AFL uses compile-time instrumentation or QEMU emulation and fork(); where SAGE uses “a novel directed-search algorithm, dubbed generational search”, AFL uses genetic algorithms. It seems like AFL’s techniques work a little bit better in practice so far, but I could be wrong.

            It’s maybe a bit of a moot point, though, since SAGE is proprietary.
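To make the AFL side of the comparison above concrete, here is an added toy coverage-guided fuzzer (example code written for this thread, not AFL's own source). It assumes a constructed target `parse`, whose per-branch tags stand in for the edge bitmap AFL's compile-time instrumentation maintains, and shows the "genetic" part: a mutated child survives into the corpus only if it reaches a branch no earlier input did, which is how chained byte checks get solved one byte at a time.

```python
import random
from functools import reduce
from operator import xor

# Constructed target standing in for an instrumented C program: each reached
# branch records a tag in `hit`, the way AFL's instrumentation records edges.
# Magic is checked one byte at a time, so every matching byte exposes a branch.
def parse(data: bytes, hit: set) -> str:
    hit.add("enter")
    for i, want in enumerate(b"FUZ"):
        if len(data) <= i or data[i] != want:
            hit.add(f"bad-magic-{i}")
            return "bad-magic"
    hit.add("magic")
    if len(data) < 4:
        hit.add("short")
        return "short"
    payload, chk = data[3:-1], data[-1]      # trailing byte is an XOR checksum
    if chk != reduce(xor, payload, 0):
        hit.add("bad-chk")
        return "bad-chk"
    hit.add("ok")
    return "ok"

def mutate(rng: random.Random, data: bytes) -> bytes:
    """One random havoc-style mutation (a small subset of AFL's mutators)."""
    buf, pos, op = bytearray(data), rng.randrange(len(data)), rng.randrange(5)
    if op == 0:
        buf[pos] ^= 1 << rng.randrange(8)                # flip one bit
    elif op == 1:
        buf[pos] = rng.randrange(256)                     # overwrite with random byte
    elif op == 2:
        buf[pos] = rng.choice((0, 1, 0x7F, 0x80, 0xFF))   # AFL-style "interesting" value
    elif op == 3:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))  # insert a byte
    elif len(buf) > 1:
        del buf[pos]                                      # delete a byte, never empty
    return bytes(buf)

def fuzz(seed: int = 1, rounds: int = 200_000):
    """Coverage-guided loop: a child is kept only if it reaches a new branch."""
    rng, corpus, seen = random.Random(seed), [], set()
    def run(data: bytes) -> None:
        hit = set()
        parse(data, hit)
        if hit - seen:               # new coverage: becomes a parent for later rounds
            seen.update(hit)
            corpus.append(data)
    run(b"A")                        # constructed initial seed, nowhere near valid
    for _ in range(rounds):
        run(mutate(rng, rng.choice(corpus)))
    return seen, corpus
```

Dropping the `short` branch from `parse` is an instructive experiment: without that intermediate branch the fuzzer loses its stepping stone between the magic check and the checksum, which is why AFL users reach for dictionaries or compare-splitting on targets with long opaque comparisons.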