# Install afl++ with Homebrew, MacPorts, zypper, apk, apt, pacman

American Fuzzy Lop++. Version 5.02c via Homebrew; verified 2026-07-02.

## Install

```sh
sudo av install brew:afl++
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install afl++
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install afl
```

  Evidence: MacPorts ports tree: devel/afl/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- zypper (92%):

```sh
sudo zypper install afl
```

  Evidence: openSUSE Tumbleweed package metadata: afl from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst

- apk (92%):

```sh
sudo apk add afl++
```

  Evidence: Alpine Linux edge package indexes: afl++ from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

- Debian apt (92%):

```sh
sudo apt install afl++
```

  Evidence: Debian stable package indexes: afl++ from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz

- pacman (92%):

```sh
sudo pacman -S afl++
```

  Evidence: Arch Linux sync databases: afl++ from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz

## Package facts

- **Package key:** brew:afl++
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/afl++>
- **Version:** 5.02c
- **Source summary:** American Fuzzy Lop++
- **Homepage:** <https://aflplus.plus/>
- **Repository:** <https://github.com/AFLplusplus/AFLplusplus>
- **Upstream docs:** <https://aflplus.plus/>
- **License:** Apache-2.0
- **Source archive:** <https://github.com/AFLplusplus/AFLplusplus/archive/refs/tags/v5.02c.tar.gz>
- **Last updated:** 2026-07-02T11:12:14-04:00
- **Generated:** 2026-07-10T07:20:53+00:00

## Executables

- afl-addseeds (cli)
- afl-analyze (cli)
- afl-c++ (cli)
- afl-cc (cli)
- afl-clang (cli)
- afl-clang++ (cli)
- afl-clang-fast (cli)
- afl-clang-fast++ (cli)
- afl-clang-lto (cli)
- afl-clang-lto++ (cli)
- afl-cmin (cli)
- afl-cmin.awk (cli)
- afl-cmin.bash (cli)
- afl-cmin.py (cli)
- afl-fuzz (cli)
- afl-g++ (cli)
- afl-gcc (cli)
- afl-gotcpu (cli)
- afl-ld-lto (cli)
- afl-lto (cli)
- afl-lto++ (cli)
- afl-persistent-config (cli)
- afl-plot (cli)
- afl-showmap (cli)
- afl-system-config (cli)
- afl-tmin (cli)
- afl-whatsup (cli)
- afl-addseeds (alias)
- afl-analyze (alias)
- afl-c++ (alias)
- afl-cc (alias)
- afl-clang (alias)
- afl-clang++ (alias)
- afl-clang-fast (alias)
- afl-clang-fast++ (alias)
- afl-clang-lto (alias)
- afl-clang-lto++ (alias)
- afl-cmin (alias)
- afl-cmin.awk (alias)
- afl-cmin.bash (alias)
- afl-cmin.py (alias)
- afl-fuzz (alias)
- afl-g++ (alias)
- afl-gcc (alias)
- afl-gotcpu (alias)
- afl-ld-lto (alias)
- afl-lto (alias)
- afl-lto++ (alias)
- afl-persistent-config (alias)
- afl-plot (alias)
- afl-showmap (alias)
- afl-system-config (alias)
- afl-tmin (alias)
- afl-whatsup (alias)

## Dependencies

- lld
- llvm
- python@3.14

## Build dependencies

- coreutils

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-10
- Package-manager version: 5.02c
- Package-manager updated: 2026-07-02
- Local data: ok
- Upstream repository: https://github.com/AFLplusplus/AFLplusplus
- info: No cached GitHub release or tag data was available.
## Project history and usage

AFL++ is the community-maintained successor line to American Fuzzy Lop, packaged as a broad fuzzing toolkit centered on afl-fuzz, compiler wrappers, corpus minimizers, instrumentation modes, and crash triage helpers. Its own README describes it as a fork of Google's AFL with more speed, mutations, instrumentation, and custom module support.

### Project history

The original AFL was developed by Michal Zalewski; AFL++ credits that origin while listing Marc Heuse, Dominik Maier, Andrea Fioraldi, Heiko Eissfeldt, and others as current maintainers. The public AFL++ GitHub repository was created in 2019, and the project has continued as an active release train with stable, dev, and release branches.

AFL++ consolidated a patch culture that had grown around AFL: LLVM and LTO instrumentation, QEMU and binary-only modes, laf-intel and Redqueen-style comparison solving, MOpt mutators, persistent mode, Unicorn mode, Frida mode, and other target-specific execution backends. For package maintainers, the important point is that AFL++ is not just one binary but a coordinated tool suite with many executable entry points.

### Adoption history

AFL++ is distributed through several Unix package managers in the supplied batch facts, including Homebrew, Debian, Ubuntu, Alpine, Arch, and openSUSE. The project also publishes Docker images and documents direct source builds, which made it easier to use the same fuzzing environment in CI, local research machines, and throwaway containers.

The upstream README points users to Google's FuzzBench aflplusplus configuration for comparisons, and the project keeps a papers page for academic citation. That combination of package-manager availability, Docker distribution, benchmark integration, and citation guidance is why AFL++ became the default AFL-family package for many security-testing workflows.

### How it is used

The common workflow is to build the target with afl-cc or an AFL++ compiler wrapper, seed an input corpus, run afl-fuzz with an input and output directory, and investigate crashes or hangs written under the fuzzer output tree. Companion tools such as afl-cmin, afl-tmin, afl-showmap, afl-analyze, afl-plot, and afl-whatsup support corpus reduction, testcase minimization, coverage mapping, and fleet monitoring.

AFL++ matters operationally because its behavior depends on instrumentation mode, target style, and runtime environment. Packagers tend to care about LLVM/QEMU/Frida/Unicorn feature coverage, sanitizer compatibility, shell helper availability, and whether users get enough installed docs to navigate binary-only fuzzing, persistent mode, dictionaries, and crash replay.

### Why package nerds care

For package nerds, AFL++ is a dense formula: many binaries, optional engines, architecture-sensitive instrumentation, frequent upstream releases, and a user base that notices quickly when a backend or compiler wrapper is missing. It is a good example of a security tool whose package is the development environment.

It also illustrates a common replacement story in package sets: the original AFL name is historically important, but AFL++ is the active branch many users now expect when they install an AFL-family fuzzer.

### Timeline

- 2019: AFL++ GitHub repository created.
- 2026: AFL++ 5.02c published upstream.
- 2026: Supplied package facts show AFL++ packaged by Homebrew, Debian, Ubuntu, Alpine, Arch, and openSUSE.

### Related projects

- American Fuzzy Lop is the original project line credited by AFL++.
- Google FuzzBench includes an aflplusplus setup for comparative fuzzing benchmarks.
- AFL++ publishes related coverage and reachability analysis tools under the AFLplusplus GitHub organization.

### Sources

- <https://api.github.com/repos/AFLplusplus/AFLplusplus>
- <https://github.com/AFLplusplus/AFLplusplus#readme>
- <https://github.com/AFLplusplus/AFLplusplus/releases>
- source_facts.package-manager


## Security Notes

narrow executable package without higher-risk signals.

- **Geiger risk:** green / low
- narrow executable package without higher-risk signals

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** afl++
- **Version Scheme:** 0
- **Revision:** 0
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- Debian apt - afl++ - 4.21c-5: normalized package name match | Debian stable package indexes: afl++ from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | instrumentation-driven fuzzer for binary formats | https://github.com/AFLplusplus/AFLplusplus
- Ubuntu apt - afl++ - 4.09c-1ubuntu3: normalized package name match | Ubuntu 24.04 LTS package indexes: afl++ from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz | instrumentation-driven fuzzer for binary formats | https://github.com/vanhauser-thc/AFLplusplus
- apk - afl++ - 4.40c-r1: normalized package name match | Alpine Linux edge package indexes: afl++ from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | Fuzzer relying on genetic algorithms instead of brute force | https://aflplus.plus/
- apk - afl++-doc - 4.40c-r1: normalized package name match | Alpine Linux edge package indexes: afl++-doc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | Fuzzer relying on genetic algorithms instead of brute force (documentation) | https://aflplus.plus/
- apk - afl++-tools - 4.40c-r1: normalized package name match | Alpine Linux edge package indexes: afl++-tools from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | AFL++ tools and utilities | https://aflplus.plus/
- pacman - afl++ - 5.00c-1: normalized package name match | Arch Linux sync databases: afl++ from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz | instrumentation-driven fuzzer for binary format | https://aflplus.plus/
- zypper - afl - 4.40c-2.3: normalized package name match | openSUSE Tumbleweed package metadata: afl from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst | American fuzzy lop is a security-oriented fuzzer | https://github.com/AFLplusplus/AFLplusplus
- zypper - afl-devel - 4.40c-2.3: normalized package name match | openSUSE Tumbleweed package metadata: afl-devel from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst | Development headers for use when fuzzing with American fuzzy lop | https://github.com/AFLplusplus/AFLplusplus
- MacPorts - afl: normalized package name match | MacPorts ports tree: devel/afl/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1


## Related links

- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [Homebrew utility packages](https://www.automicvault.com/pkg/brew-utility-packages/) - Matched Homebrew package provider.
- [lld](https://www.automicvault.com/pkg/brew/lld/) - Runtime dependency declared by Homebrew.
- [llvm](https://www.automicvault.com/pkg/brew/llvm/) - Runtime dependency declared by Homebrew.
- [python@3.14](https://www.automicvault.com/pkg/brew/python-3-14/) - Runtime dependency declared by Homebrew.
- [coreutils](https://www.automicvault.com/pkg/brew/coreutils/) - Build dependency declared by Homebrew.
- [echidna](https://www.automicvault.com/pkg/brew/echidna/) - Shares av.db curated category or tags: cli, fuzzing, security, security-testing, testing.
- [wuppiefuzz](https://www.automicvault.com/pkg/brew/wuppiefuzz/) - Shares av.db curated category or tags: cli, fuzzing, security, security-testing, testing.
- [slowhttptest](https://www.automicvault.com/pkg/brew/slowhttptest/) - Shares av.db curated category or tags: cli, security, security-testing, testing.
- [h26forge](https://www.automicvault.com/pkg/brew/h26forge/) - Shares av.db curated category or tags: cli, fuzzing, security, security-testing.
- [jwt-hack](https://www.automicvault.com/pkg/brew/jwt-hack/) - Shares av.db curated category or tags: cli, security, testing.
- [legba](https://www.automicvault.com/pkg/brew/legba/) - Shares av.db curated category or tags: cli, security, testing.
- [sqlmap](https://www.automicvault.com/pkg/brew/sqlmap/) - Shares av.db curated category or tags: cli, security, testing.
- [dnsgen](https://www.automicvault.com/pkg/brew/dnsgen/) - Shares av.db curated category or tags: cli, security, security-testing.

## Combined YAML source

View the package source record on GitHub. [combined/afl++.yml](https://github.com/automic-vault/db/blob/main/combined/afl++.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
