Fuzzing Symbolic Expressions - https://www.youtube.com/watch?v=g4oRsdQ4FMc / https://srg.doc.ic.ac.uk/klee22/talks/Coppa-Fuzzing-Symbolic-Expressions.pdf
Emilio Coppa from Sapienza University of Rome at the 3rd International KLEE Workshop on Symbolic Execution
KLEE Workshop 2022: https://srg.doc.ic.ac.uk/klee22/
Slides: https://srg.doc.ic.ac.uk/klee22/talks/Coppa-Fuzzing-Symbolic-Expressions.pdf
Fuzzing RDPEGFX with "what the fuzz" - https://thalium.github.io/blog/posts/rdpegfx/
A journey of fuzzing the Nvidia graphics driver leading to LPE exploitation - https://drive.google.com/file/d/1HEaQ3o1kSnrzMCec1aiYMkWYQZg7Vjb3/view
Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities - https://pagabuc.me/docs/oakland23_witcher.pdf
FixReverter: A Realistic Bug Injection Methodology for Benchmarking Fuzz Testing - https://www.usenix.org/system/files/sec22-zhang-zenong.pdf
Finding security vulnerabilities through fuzzing workshop - http://fuzzing.in/codelabs/finding_security_vulnerabilities/index.html?index=..%2F..index#0
ttexplore: Bootstrapping code coverage on top of the Triton library - https://github.com/JonathanSalwan/ttexplore
TTexplore is a library that performs path exploration on binary code using symbolic execution - JonathanSalwan/ttexplore
Solana - JIT - Lessons from fuzzing a smart contract compiler - https://www.youtube.com/watch?v=8E7XOHQiRPE
DEF CON 30 - Thomas Roth, Solana - JIT - Lessons from fuzzing a smart contract compiler
Solana is a blockchain with a $37 billion dollar market cap with the security of that chain relying on the security of the smart contracts on the chain - and we found very little research on the actual execution environment of those contracts. In contrast…
Concurrence: library for fuzzing multi-threaded targets - https://github.com/googleprojectzero/SockFuzzer/tree/main/third_party/concurrence
ISLa is a grammar-aware string constraint solver with its own specification language - https://rindphi.github.io/isla/
ISLa: Inputs on Demand!
Fuzzing XSS Sanitizers for Fun and Profit - https://youtu.be/gJGbS8UELGw
Fuzzing XSS Sanitizers for Fun and Profit | Tom Anthony
In 1998 Tom was arrested for hacking, and was told he was looking at over 270 years in prison. Time for a career change! Tom went on to a life as an academic, earning a PhD in Artificial Intelligence, before starting a career as an SEO consultant (you think…
Replicating OpenSSL vulnerabilities with OpenSSL test cases and finding them with libfuzzer - https://youtu.be/vhTuXph1dtY
[Vulnerability Analysis] How to replicate OpenSSL vulnerabilities CVE-2022-3602 and CVE-2022-3786
0:00 introduction
0:32 Looking at the fixed code
05:08 Cloning OpenSSL Repo and looking at the code
11:05 Compiling OpenSSL-3.0.7 version
13:21 Running test case binary
14:40 Getting vulnerable version of OpenSSL
16:32 Copying test cases for CVEs from openssl…
GopherCon 2022: Katie Hockman - Fuzz Testing Made Easy - https://www.youtube.com/watch?v=7KWPiRq3ZYI
Go now supports fuzz testing natively as of Go 1.18, a tool that can be used to identify bugs and security vulnerabilities in your code. This talk will discuss how and why fuzzing can be used in Go, introduce differential fuzzing, and describe the mechanics…
Symbolic Triage: Making the Best of a Good Situation - https://www.atredis.com/blog/2022/10/29/symbolic-triage-making-the-best-of-a-good-situation
Symbolic Execution can get a bad rap. Generic symbex tools have a hard time proving their worth when confronted with a sufficiently complex target. However, I have found symbolic execution can be very helpful in certain targeted situations. One of those situations…
Hyperpom: An Apple Silicon Fuzzer for 64-bit ARM Binaries - https://blog.impalabs.com/2211_hyperpom.html
Impalabs is releasing Hyperpom, a 64-bit ARM binary fuzzer written in Rust and based on the Apple Silicon's hypervisor. It is mutation-based and coverage-guided. This article gives an overview of its internals, presents the different components it consists…
ajpfuzzer: A command-line fuzzer for the Apache JServ Protocol (ajp13) - https://github.com/doyensec/ajpfuzzer
Learn how to fuzz like a pro: Introduction to (smart contract) fuzzing - https://www.youtube.com/watch?v=QofNQxW_K08
Trail of Bits engineer Anish Naik guides you through Echidna, our Ethereum smart contract fuzzer. We will cover fuzzer setup, how to identify invariants—from simple to complex—and how to translate these invariants into code.
You can find more tutorials on…
Catch Me If You Can: Deterministic Discovery of Race Conditions with Fuzzing - https://www.youtube.com/watch?v=OpQvXGJcH4s
Finding concurrency bugs has presented a challenge for security and development teams. Race condition-based vulnerabilities are a growing category of bugs reported to vendors and have been observed in in-the-wild exploits. Coverage-guided fuzzing has been…
[Fuzzing with Jackalope] How to install jackalope and fuzz a simple program on MacOS - https://www.youtube.com/watch?v=rXbaHSXiCtg
[MacOS Fuzzing] How to install jackalope and fuzz a simple program on MacOS
00:00 Introduction
01:30 Cloning and compiling jackalope
04:45 Jackalope command line options
08:11 Damn Vulnerable C program compilation
11:05 Finding fuzzing function
12:43 Fuzzing with jackalope
17:30 Conclusion
In this video, we will show you how to…