Awesome

afl-cov

AFL fuzzing coverage CFG visualization

The utility is based on angr, tracer, qemu, bingraphvis and cfg-explorer.

Note

This project is in its very early stage!

Usage

$ python -m aflcov /your/binary /path/to/afl/fuzz/queue -l

The command above will build the CFG, run the executable for each of the queue files through qemu to collect trace info, calculates the node coverage, and display it on the CFG.

Limitations

see limitations of cfg-explorer

Screenshots

scr1 scr2