Skip to content

v1.0.0-rc.13

Latest
Latest

Choose a tag to compare

View all tags
@epi052 epi052 released this 31 Dec 02:45
· 3 commits to main since this release
v1.0.0-rc.13
e35264b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

v1.0.0-rc.13 Release Notes

Breaking Changes

LibAFL Dependency Removed

The libafl feature flag and dependency have been completely removed. The RNG implementation (RomuDuoJrRand) and associated utilities (fast_bound, splitmix64) are now included directly in feroxfuzz. This significantly reduces the dependency footprint and simplifies integration.

New Features

Statistics Delta Calculations

Added arithmetic trait implementations (Add, AddAssign, Sub) for the Statistics struct, enabling you to calculate the difference between two statistics snapshots:

let delta = current_stats - previous_stats;

This is particularly useful for:

  • Tracking per-interval metrics in progress displays
  • Comparing statistics across different fuzzing phases
  • Building custom monitoring and reporting

Corpus Iteration Support

All corpus types now implement iter() and iter_mut() methods via CorpusType, allowing for idiomatic iteration over corpus items.

Action Convenience Method

Added Action::should_discard() method that returns true for Action::Discard or Action::AddToCorpus with FlowControl::Discard:

Resume-From / Start-At-Offset Support

Statistics::requests_mut() now provides mutable access to the request counter, enabling pause/resume workflows and the ability to start a scheduler from a specific offset in its iteration. A new example (start-at-wordset-offset.rs) demonstrates this capability.

Manual Timer Control

Added Statistics::start_timer(offset: f64) method for external control of the fuzzer's timing, useful for:

  • Pause/resume workflows
  • Using Statistics as a meta-statistics tracker outside of a Fuzzer

Improvements

Response Observer Enhancements

  • Added request() method to retrieve the original Request from a ResponseObserver
  • Exposed method() to get the HTTP method that generated the response
  • Added case-insensitive header lookup with get_header_case_insensitive()
  • Improved is_redirect() and is_directory() reliability with case-insensitive header checks

Updated Dependencies

All dependencies have been updated to their latest compatible versions.

Examples

  • Added: start-at-wordset-offset.rs - Demonstrates starting a scan from a specific offset in a corpus
  • Removed: havoc.rs - The havoc mutator example has been removed along with the LibAFL dependency
Assets 2
Loading