Project Triforce: Run AFL on Everything!
The developers of "Project Triforce," an effort to run the "american fuzzy lop" (AFL) fuzz-testing tool in a system-wide manner, have posted a detailed description of what they are up to.

"AFL is an awesome tool. The power of an easy to use, feedback-driven fuzzer has produced an absolutely staggering number of bugs. Still, at first AFL required being able to build the executable, something sadly not available on a lot of targets. With the addition of AFL's qemu_mode, it became possible to fuzz binaries without source, exposing a whole new world of targets to AFL. I'd been on a number of Linux container engagements recently where we'd managed to escape through kernel exploits. I fell asleep one night to several AFL screens running, and I awoke suddenly with a crazy idea: 'Run AFL on the Linux Kernel.'"