The Fall 2024 iteration of Fuzzing Lab where we fuzzed open-source software to find vulnerabilities!

A heap-based use-after-free vulnerability in wolfSSL was discovered through AI-automated fuzz testing—without human interaction. Learn more in our blog

As IoT devices with microcontroller (MCU)-based firmware become more common in our lives, memory corruption vulnerabilities in their firmware are increasingly targeted by adversaries. Fuzzing is a powerful method for detecting these vulnerabilities, but it…

Learn how to build effective harnesses for fuzzing native libraries on Android. Explore techniques and strategies to uncover vulnerabilities

asnfuzzgen - ASN.1 Structure-Aware Fuzzing Compiler - FICS/asnfuzzgen

Intro

BINSEC: ICSE'25: research paper

Despite wolfSSL’s rigorous software testing practices, in October 2024, Code Intelligence—an application security vendor—discovered a potentially exploitable defect in wolfSSL. Remarkably, the potential vulnerability was found without human intervention.…

LibAFL # The LibAFL fuzzer implements features from AFL-based fuzzers like AFL++. Similarly to AFL++, LibAFL provides better fuzzing performance and more advanced features over libFuzzer. However, with LibAFL, all functionality is provided in a modular and…

Contribute to ANSSI-FR/fuzzysully development by creating an account on GitHub.

Snapshot fuzzing enables security engineers to effectively test software that is traditionally difficult to analyze, such as kernel-level software (though the technique is not limited to such software). Whether you’re auditing drivers or other kernel-mode…

OGHarn: Oracle-guided Fuzzing Harness Generation. Contribute to FuturesLab/OGHarn development by creating an account on GitHub.

Full title: Rethinking Emulation for Fu(zzi)n(g) and Profit: Near-Native Rehosting for Embedded ARM Firmware
Slides: https://github.com/binarly-io/Research_Publications/blob/main/REverse_2025/Near-Native%20Rehosting%20for%20Embedded%20ARM%20Firmware.pdf
…

Fuzz testing is incredibly useful: it has caught many a bug during the development of NTP packet parsing and gzip/bzip2 (de)compression.

But I've always been unsatisfied with the fuzzer being a b ...

Guest post by Dillon Franke, Senior Security Engineer ,  20% time on Project Zero Every second, highly-privileged MacOS system daemons...

Multiple out-of-bounds read and null dereference bugs were identified in Microsoft Defender by using Snapshot Fuzzing with WTF and kAFL/NYX. The bugs can be used to crash the main Defender process as soon as the file is scanned. Most are unpatched, but none…

OSS-Fuzz integrations via agent-based build generation.