# Ideas for AFL++

In the following, we describe a variety of ideas that could be implemented for
future AFL++ versions.

## Analysis software

Currently, analysis is done with afl-plot, which is rather outdated. What is
needed is a GTK or browser tool that creates run-time analysis based on
`fuzzer_stats`, `queue/id*` information and `plot_data`, that allows zooming in
and out, changing min/max display values, etc., and that does this for a single
run, for different runs, and for campaigns vs. campaigns. Interesting values are
execs and execs/s, edges discovered (total, when each edge was discovered and
which other fuzzers share finding that edge), and test cases executed. It should
be possible to select by clicking which value is on the X and Y axis, the zoom
factor, log scaling on/off, etc.

Mentor: vanhauser-thc

## WASM Instrumentation

Currently, AFL++ can be used for source code fuzzing and traditional binaries.
With the rise of WASM as a compile target, however, a novel way of
instrumentation needs to be implemented for binaries compiled to WebAssembly.
This can be done either by inserting instrumentation directly into the WASM AST,
or by patching feedback into a WASM VM of choice, similar to the current Unicorn
instrumentation.

Mentor: any

## Support other programming languages

Other programming languages also use LLVM, hence they could be (easily?)
supported for fuzzing, e.g., Mono, Swift, Go, Kotlin Native, Fortran, ...

GCC also supports: Objective-C, Fortran, Ada, Go, and D (according to the
[GCC homepage](https://gcc.gnu.org/)).

LLVM is also used by: Rust, LLGo (Go), kaleidoscope (Haskell), flang (Fortran),
emscripten (JavaScript, WASM), ilwasm (CIL (C#)) (according to
[LLVM frontends](https://gist.github.com/axic/62d66fb9d8bccca6cc48fa9841db9241)).

Mentor: vanhauser-thc

## Machine Learning

Something with machine learning, better than
[NEUZZ](https://github.com/dongdongshe/neuzz) :-) Either improve a single
mutator through learning of many different bugs (a bug class) or gather deep
insights about a single target beforehand (CFG, DFG, VFG, ...?) and improve
performance for a single target.

Mentor: domenukk

## Your idea!

Finally, we are open to proposals! Create an issue at
https://github.com/AFLplusplus/AFLplusplus/issues and let's discuss :-)