Integrate AFL++ with Vulnetix. Fuzz C/C++ binaries to discover crashes, then convert crash artifacts to JSON findings for upload.
C / C++ / binary targetsCLI toolJSON
Install & scan
$ # Docker (recommended — all tooling pre-installed) docker pull aflplusplus/aflplusplus docker run -ti -v $(pwd):/src aflplusplus/aflplusplus $ # Step 1: Compile target with AFL++ instrumentation afl-clang-fast -o target_fuzz fuzz_target.c # Step 2: Create seed corpus mkdir seeds && echo "hello" > seeds/seed1.txt # Step 3: Run fuzzer AFL_FAST_CAL=1 afl-fuzz -i seeds -o out -- ./target_fuzz @@ # Crashes saved to: out/default/crashes/
Run AFL++ in CI
Scan on every push and upload the results to Vulnetix:
- name: Build fuzz target
run: |
docker run --rm -v $(pwd):/src aflplusplus/aflplusplus bash -c "cd /src && AFL_USE_ASAN=1 afl-clang-fast -o target_fuzz fuzz_target.c"
- name: Run fuzzer (60 seconds)
run: |
docker run --rm -v $(pwd):/src aflplusplus/aflplusplus bash -c "timeout 60 afl-fuzz -i /src/seeds -o /src/out -- /src/target_fuzz @@ || true"
- name: Check for crashes
run: ls out/default/crashes/ | grep "^id:" | wc -l
Centralise AFL++ results in Vulnetix
Upload AFL++ JSON output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.