In this blogpost, we show how libFuzzer, the LLVM fuzz testing library part, can be employed with in order to perform coverage-guided blackbox fuzzing of executable binaries. We also show that our approach is fast, semantic-preserving and simply requires to implement the harness function, as occurs for programs with source code available.

Note that this work is based on the lifter, the open-source component at the core of the decompiler we're building. The publicly available version is a bit outdated, but we are in the process of pushing out new versions on a more regular basis. Stay tuned.

Why don't you subscribe to our newsletter? Srls - P. IVA: IT02776470359 - Via San Martino 23 - 42121 - Reggio Emilia, Italy -
Twitter - GitHub - Privacy policy