Afl
Fuzzing Apache httpd server with American Fuzzy Lop + persistent mode
Recently, I reported CVE-2017-7668 (Apache Server buffer-over-read). This is a cross-post from my personal blog where I explain how to fuzz network programs with AFL by porting techniques learned in honggfuzz into AFL. After a small chat with Dominic he asked me to re-post it here which, for me it’s an honour to do so! The reported CVE was obtained with code analysis and instrumentation of the right parts of…
Page 1 of 1