Directer: A Parallel and Directed Fuzzing based on Concolic Execution

2018 
Fuzzing is a widely used technique for finding vulnerabilities, but current approaches are mostly coverage-based, and there is relatively little research in the field of directed fuzzing. This paper proposes a parallelized testing technique that combines directed fuzzing and concolic execution. It extracts the path space at the basic-block level within the function call chain, using program control-flow analysis and function call relationships. Concolic execution is used to guide testing along paths that can reach the target, so that the target is reached quickly. In the experimental stage, the developed Directer was tested on the LAVA dataset, where it shows better performance than the existing fuzzers.