afl-prom/README.md
2020-06-09 13:28:36 +02:00

1.6 KiB

afl-prom

What?

afl-prom exposes AFL's fuzzer_stats files to be collected by Prometheus

Why?

Monitoring your fuzzers is an important task to stay up-to-date with the progress of your fuzzers - which means: time consumed and money spent. While many users do this by running afl-fuzz in tmux or screen and attach to them every now and then, I don't think that this is a good monitoring. Neither does it scale well, nor does it allow the creation of histograms or cool graphs.

This is the problem which afl-prom tries to solve. It exposes the stats which are reported on the afl-fuzz status screen and written in the fuzzer_stats file of each fuzzer. In combination with Prometheus and Grafana, this allows state-of-the-art monitoring of all of your fuzzers.

How?

Install Golang, then run

go get github.com/maride/afl-prom

After that, you can run afl-prom, like this:

afl-prom --scan-delay 30 -- /path/to/fuzzer1 /path/to/fuzzer2

This exposes an HTTP server on port 2112. Have a look at the /metrics subpage. Set up a Prometheus instance to grab these metrics. See the example configuration below.

scrape_configs:
  - job_name: 'afl-prom'

    scrape_interval: 5s

    static_configs:
            - targets: ['127.0.0.1:2112']

Then, set up a Grafana instance instance and use Prometheus as a data source.

You're done! Have fun with your new graphs.