American Fuzzy Lop (software)
| American Fuzzy Lop | |
|---|---|
American Fuzzy Lop's afl-fuzz running on a test program | |
| Developer(s) | Michał Zalewski |
| Initial release | November 12, 2013 |
| Stable release | 2.57b
/ June 30, 2020 |
| Repository | |
| Written in | C, assembly |
| Operating system | Cross-platform |
| Type | Fuzzer |
| License | Apache License 2.0 |
| Website | lcamtuf |
American Fuzzy Lop (AFL), stylized in all lowercase as american fuzzy lop, is a free software fuzzer that employs genetic algorithms in order to efficiently increase code coverage of the test cases. So far it has detected hundreds of significant software bugs in major free software projects, including X.Org Server, PHP, OpenSSL, pngcrush, bash, Firefox, BIND, Qt, and SQLite.
Initially released in November 2013, AFL quickly became one of the most widely used fuzzers in security research. For many years after its release, AFL has been considered a "state of the art" fuzzer. AFL is considered "a de-facto standard for fuzzing", and the release of AFL contributed significantly to the development of fuzzing as a research area. AFL is widely used in academia; academic fuzzers are often forks of AFL, and AFL is commonly used as a baseline to evaluate new techniques.
The source code of American fuzzy lop is published on GitHub. Its name is a reference to a breed of rabbit, the American Fuzzy Lop.