Fuzzing Farm #2: Evaluating Performance of Fuzzer - https://ricercasecurity.blogspot.com/2023/07/fuzzing-farm-2-evaluating-performance.html
Author: hugeh0ge Introduction This article is Part 2 of the 4 blog posts in the Fuzzing Farm series. You can find the previous post at...
Beyond the Coverage Plateau: A Comprehensive Study of Fuzz Blockers (Registered Report) - https://thuanpv.github.io/publications/Fuzzing23_FuzzBlockers.pdf
Fuzzing Farm #3: Patch Analysis and PoC Development - https://ricercasecurity.blogspot.com/2023/07/fuzzing-farm-3-patch-analysis-and-poc.html
Author: Dronex Introduction This article is part 3 of the Fuzzing Farm series, which consists of 4 chapters. You can check the previou...
Fuzzing Farm #4: Hunting and Exploiting 0-day [CVE-2022-24834] - https://ricercasecurity.blogspot.com/2023/07/fuzzing-farm-4-hunting-and-exploiting-0.html
Authors: Dronex, ptr-yudai Introduction This article is part 4 of the Fuzzing Farm series. You can check the previous article at " Fuz...
Fuzz Introspector: optimizing fuzzing workflows - https://openssf.org/blog/2023/07/20/fuzz-introspector-optimizing-fuzzing-workflows/
Fuzzing on-chain contracts with Echidna - https://blog.trailofbits.com/2023/07/21/fuzzing-on-chain-contracts-with-echidna/
With the release of version 2.1.0 of Echidna, our fuzzing tool for Ethereum smart contracts, we've introduced new features for direct retrieval of on-chain data, such as contract code and storage slot values. This data can be used to fuzz deployed contracts…
Zenbleed: use-after-free in AMD Zen2 processors - https://lock.cmpxchg8b.com/zenbleed.html
Testing and Fuzzing the Kubernetes Admission Configuration - https://troopers.de/troopers23/talks/cffrvv/
TROOPERS is more than just an infoSec con. Hands-on, high-end knowledge sharing leaves you motivated and charged to
Announcing Snapchange: An Open Source KVM-backed Snapshot Fuzzing Framework - https://aws.amazon.com/blogs/opensource/announcing-snapchange-an-open-source-kvm-backed-snapshot-fuzzing-framework/
Today we are happy to announce Snapchange, a new open source fuzzing tool from the AWS Find and Fix (F2) open source security research team.
AFLSmart++: Smarter Greybox Fuzzing - https://thuanpv.github.io/publications/AFLSmart_plusplus_SBFT23.pdf
FUZZING '23: 2nd International Fuzzing Workshop papers - https://dl.acm.org/doi/pdf/10.1145/3605157
Proceedings of the 2nd International Fuzzing Workshop | ACM Conferences
It is our great pleasure to welcome you to the 2nd International Workshop on Fuzzing (FUZZING 2023), co-located with ISSTA in Seattle, Washington, USA on 17 July 2023. This workshop is the continua...
The art of fuzzing-A Step-by-Step Guide to Coverage-Guided Fuzzing with LibFuzzer - https://aviii.hashnode.dev/the-art-of-fuzzing-a-step-by-step-guide-to-coverage-guided-fuzzing-with-libfuzzer
Fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification - https://github.com/avolens/kubefuzz
Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification. - avolens/kubefuzz
Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain Knowledge - https://www.usenix.org/system/files/usenixsecurity23-bars.pdf
MorFuzz: Fuzzing Processor via Runtime Instruction Morphing enhanced Synchronizable Co-simulation - https://www.usenix.org/system/files/sec23fall-prepub-7-xu-jinyan.pdf
Fuzz4All: Universal Fuzzing via Large Language Models - https://arxiv.org/pdf/2308.04748.pdf
AI-Powered Fuzzing: Breaking the Bug Hunting Barrier - https://security.googleblog.com/2023/08/ai-powered-fuzzing-breaking-bug-hunting.html?m=1
Dongge Liu, Jonathan Metzman, Oliver Chang, Google Open Source Security Team Since 2016, OSS-Fuzz has been at the forefront of automated v...
How to Build a Fuzzing Corpus - https://blog.isosceles.com/how-to-build-a-corpus-for-fuzzing/
Fuzzing for security vulnerabilities is a strange thing. Throwing randomly generated or mutated data at an application until it crashes sounds like an extremely primitive way to find vulnerabilities, and yet the last decade is full of fuzzing success stories. …