Skills

aflpp

Installation
Summary

Multi-core fuzzer for C/C++ projects with advanced instrumentation and mutation strategies.

  • Supports three compilation modes (LTO, LLVM, GCC plugin) with libFuzzer-style harnesses for persistent fuzzing at 10-20x faster speeds than fork server mode
  • Excels at parallel fuzzing across multiple cores with asymmetrical job configurations (e.g., one ASan instance plus non-instrumented workers)
  • Includes CMPLOG/RedQueen path constraint solving, integrated sanitizer support (ASan, UBSan), and coverage tracking via edge instrumentation
  • Handles stdin, file, and argument fuzzing modes; supports dictionaries and corpus minimization for format-aware and efficient fuzzing campaigns
SKILL.md

AFL++

AFL++ is a fork of the original AFL fuzzer that offers better fuzzing performance and more advanced features while maintaining stability. A major benefit over libFuzzer is that AFL++ has stable support for running fuzzing campaigns on multiple cores, making it ideal for large-scale fuzzing efforts.

When to Use

Fuzzer Best For Complexity
AFL++ Multi-core fuzzing, diverse mutations, mature projects Medium
libFuzzer Quick setup, single-threaded, simple harnesses Low
LibAFL Custom fuzzers, research, advanced use cases High

Choose AFL++ when:

  • You need multi-core fuzzing to maximize throughput
  • Your project can be compiled with Clang or GCC
  • You want diverse mutation strategies and mature tooling
  • libFuzzer has plateaued and you need more coverage
  • You're fuzzing production codebases that benefit from parallel execution
Related skills

More from trailofbits/skills

Installs
2.2K
Repository
trailofbits/skills
GitHub Stars
5.1K
First Seen
Jan 19, 2026
Security Audits
Gen Agent Trust HubWarn
SocketWarn
SnykWarn