27 lines
1.2 KiB
Markdown
27 lines
1.2 KiB
Markdown
# TODOs
|
|
|
|
- [ ] Objective-Specific Corpuses (named per objective)
|
|
- [ ] Good documentation
|
|
- [ ] LAIN / structured fuzzing example
|
|
- [ ] More informative outpus, deeper introspection (stats, what mutation did x, etc.)
|
|
- [ ] Timeout handling for llmp clients (no ping for n seconds -> treat as disconnected)
|
|
- [ ] Heap for signal handling (bumpallo or llmp directly?)
|
|
- [ ] Frida support for Windows
|
|
- [x] LLMP compression
|
|
- [x] AFL-Style Forkserver Executor
|
|
- [x] "Launcher" example that spawns broker + n clients
|
|
- [x] QEMU based instrumentation
|
|
- [x] AFL++ LLVM passes in libafl_cc
|
|
- [x] LLMP Cross Machine Link (2 brokers connected via TCP)
|
|
- [x] Conditional composition of feedbacks (issue #24)
|
|
- [x] Other objectives examples (e.g. execution of a given program point)
|
|
- [x] Restart Count in Fuzzing Loop
|
|
- [x] Minset corpus scheduler
|
|
- [x] Win32 shared mem and crash handler to have Windows in-process executor
|
|
- [x] Other feedbacks examples (e.g. maximize allocations to spot OOMs)
|
|
- [x] A macro crate with derive directives (e.g. for SerdeAny impl).
|
|
- [x] Restarting EventMgr could use forks on Unix
|
|
- [x] Android Ashmem support
|
|
- [x] Errors in the Fuzzer should exit the fuzz run
|
|
- [x] Timeouts for executors (WIP on Windows)
|