afl‐fuzz − code fuzzer for American Fuzzy Lop (afl)

afl‐fuzz ‐i <testcase_dir> ‐o <findings_dir> [options] ‐‐
/path/to/fuzzed/app [params]

This program takes an binary and attempts a variety of
fuzzing strategies, paying close attention on how they
affect the execution path.

     To operate correctly, the fuzzer requires one or more
starting files containing the typical input normally
expected by the targeted application.

     For instrumentated fuzzing, the binary must be compiled
using either one of the shipped gcc or clang wrappers. Put
‐n to fuzz w/o instrumentation in dumb mode.

     Please regard that a full fuzzing process takes a lot
of time. For exhaustive information on afl, see the
documentation in /usr/share/doc/afl‐doc.

Run afl‐fuzz without any arguments to see a complete list of

afl‐gcc(1), afl‐g++(1), afl‐clang(1), afl‐clang++(1), afl‐
clang‐fast(1), afl‐clang‐fast++(1), afl‐showmap(1), afl‐
cmin(1), afl‐tmin(1), afl‐analyze(1), afl‐gotcpu(1), afl‐
plot(1), afl‐whatsup(1)

American Fuzzy Lop is written by Michal Zalewski
<>.  Forkserver design by Jann Horn
<>.  This manpage was written by
Daniel Stender <>.