This should help you get started with AFL and more traditional security research workflows:
https://www.ixiacom.com/company/blog/how-use-fuzzing-securit...
Consider DeepState for a more development-focused workflow, akin to writing unit tests:
https://github.com/trailofbits/deepstate