v1.0.0-rc.13 Release Notes

Breaking Changes

LibAFL Dependency Removed

The libafl feature flag and dependency have been completely removed. The RNG implementation (RomuDuoJrRand) and associated utilities (fast_bound, splitmix64) are now included directly in feroxfuzz. This significantly reduces the dependency footprint and simplifies integration.

New Features

Statistics Delta Calculations

Added arithmetic trait implementations (Add, AddAssign, Sub) for the Statistics struct, enabling you to calculate the difference between two statistics snapshots:

let delta = current_stats - previous_stats;

This is particularly useful for:

• Tracking per-interval metrics in progress displays
• Comparing statistics across different fuzzing phases
• Building custom monitoring and reporting

Corpus Iteration Support

All corpus types now implement iter() and iter_mut() methods via CorpusType, allowing for idiomatic iteration over corpus items.

Action Convenience Method

Added Action::should_discard() method that returns true for Action::Discard or Action::AddToCorpus with FlowControl::Discard:

Resume-From / Start-At-Offset Support

Statistics::requests_mut() now provides mutable access to the request counter, enabling pause/resume workflows and the ability to start a scheduler from a specific offset in its iteration. A new example (start-at-wordset-offset.rs) demonstrates this capability.

Manual Timer Control

Added Statistics::start_timer(offset: f64) method for external control of the fuzzer's timing, useful for:

• Pause/resume workflows
• Using Statistics as a meta-statistics tracker outside of a Fuzzer

Improvements

Response Observer Enhancements

• Added request() method to retrieve the original Request from a ResponseObserver
• Exposed method() to get the HTTP method that generated the response
• Added case-insensitive header lookup with get_header_case_insensitive()
• Improved is_redirect() and is_directory() reliability with case-insensitive header checks

Updated Dependencies

All dependencies have been updated to their latest compatible versions.

Examples

• Added: start-at-wordset-offset.rs - Demonstrates starting a scan from a specific offset in a corpus
• Removed: havoc.rs - The havoc mutator example has been removed along with the LibAFL dependency

• libafl now an optional dependency, gated behind the havoc feature flag
• new clippy checks
• updated libafl
• added libafl_bolts (also behind havoc)
• some maintenance on ci/cd pipeline

What's Changed

• Use v2 of cargo-semver-checks-action by @mgr0dzicki in #24
• Add request to response trait by @epi052 in #25
• Make libafl optional by @epi052 in #26

New Contributors

• @mgr0dzicki made their first contribution in #24

Full Changelog: v1.0.0-rc.10...v1.0.0-rc.12

Replaced async fuzzer's mpsc with mpmc. This dramatically sped up processing time, since the pre-send loop could pretty easily overwhelm the post-send loop. As a result, overall scan time was dramatically reduced as well since we could get into situations where all requests/responses were complete but the single consumer was still processing responses

What's Changed

• Fix error reporting by @epi052 in #22
• replaced async fuzzer's mpsc with mpmc by @epi052 in #23

Full Changelog: v1.0.0-rc.8...v1.0.0-rc.10

What's Changed

• schedulers will resume from state::stats::requests when non-zero by @epi052 in #20
• overhauled fuzz_once internal design (again); less clones / more speed by @epi052 in #20

Full Changelog: v1.0.0-rc.7...v1.0.0-rc.8

• added UniqueProductScheduler (most robust for runtime corpus modifications/least efficient)
• added .unique to wordlist builder
• added .reset to fuzzer trait
• added .set_(pre|post)_loop_hook methods to fuzzers
• added .scheduler_mut method to fuzzers
• fuzzers support being told to skip an item from the scheduler (used in UniqueProductScheduler)
• added ability for AddToCorpus Action to add single|multiple Data items (used to only grab fuzzable fields from a Request)
• added .total_corpora_len method to SharedState

What's Changed

• fixed up type oversight in request processor

Full Changelog: v1.0.0-rc.5...v1.0.0-rc.6

What's Changed

• added dynamic dispatch to Processors by @epi052 in #16
• added typesafe builder pattern for fuzzer construction by @epi052 in #16
• added pre-loop / post-loop hooks to fuzzers by @epi052 in #16
• implemented Named for most components by @epi052 in #16
• RandomScheduler can operate on a subset of corpora, instead of only all corpora by @epi052 in #16
• SharedState can add a Corpus after being instantiated by @epi052 in #16

Full Changelog: v1.0.0-rc.4...v1.0.0-rc.5

What's Changed

• added action traking in stats by @epi052 in #15

Full Changelog: v1.0.0-rc.3...v1.0.0-rc.4

What's Changed

• fixed http method builder return type by @epi052 in #12
• added api calls for multiple methods during HttpMethodsCorpus build by @epi052 in #13
• added pub/sub event system by @epi052 in #14

Full Changelog: v1.0.0-rc.2...v1.0.0-rc.3

What's Changed

• improved api for malformed urls by @epi052 in #11

Full Changelog: v1.0.0-rc.1...v1.0.0-rc.2