LibAFL, like most Rust projects, is built with cargo from the root directory of the project:

$ cargo build --release

Note that the --release flag is optional for development, but you need it to fuzz at a decent speed: slowdowns of 10x or more are not uncommon for Debug builds.
The LibAFL repository is composed of multiple crates. The top-level Cargo.toml is the workspace file grouping these crates, so calling cargo build from the root directory compiles all crates in the workspace.
The best starting point for experienced rustaceans is to read through, and adapt, the example fuzzers. We group these fuzzers in the ./fuzzers directory of the LibAFL repository. The directory contains a set of crates that are deliberately not part of the workspace, so a cargo build at the root does not compile them. Each of these example fuzzers uses particular features of LibAFL, sometimes combined with different instrumentation backends (e.g. SanitizerCoverage, Frida, ...). You can use these crates as examples and as skeletons for custom fuzzers with similar feature sets. Each fuzzer has a README.md file in its directory, describing the fuzzer and its features.

To build an example fuzzer, you have to invoke cargo build --release from its respective folder (fuzzers/[FUZZER_NAME]).
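Because the example crates sit outside the workspace, building all of them means running cargo once per folder. The following script does that and keeps going after a failing crate so that one broken example does not hide the others. It is an added example, not a script from the LibAFL repository; the CARGO_BUILD override is a constructed convenience for dry runs and is not a LibAFL or cargo setting.

```shell
#!/bin/sh
# Build every example fuzzer under fuzzers/ in release mode.
# The example crates are not part of the workspace, so a root-level
# `cargo build` does not compile them; each is built from its own folder.
#
# Usage: build_all_fuzzers [REPO_ROOT]
# CARGO_BUILD overrides the build command (constructed for this example,
# e.g. CARGO_BUILD=true for a dry run); it defaults to `cargo build --release`.

build_all_fuzzers() {
    root="${1:-.}"
    build_cmd="${CARGO_BUILD:-cargo build --release}"
    built=0
    failed=0
    for manifest in "$root"/fuzzers/*/Cargo.toml; do
        # If nothing matched, the glob stays literal; skip it.
        [ -f "$manifest" ] || continue
        dir=$(dirname "$manifest")
        echo "==> building $dir"
        # Run the build in a subshell so the cd does not leak.
        if (cd "$dir" && $build_cmd); then
            built=$((built + 1))
        else
            echo "!!! build failed in $dir" >&2
            failed=$((failed + 1))
        fi
    done
    echo "built=$built failed=$failed"
    [ "$failed" -eq 0 ]
}
```

Run it from the repository root as `build_all_fuzzers .`; the exit status is non-zero when any example fuzzer failed to build, which makes it usable as a CI step.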