A Journey into Fuzzing WebAssembly Virtual Machine [BHUSA 2022] - https://youtu.be/fnprmz2IBm0
YouTube
A Journey into Fuzzing WebAssembly Virtual Machine [BHUSA 2022]
π₯ Slides: https://fuzzinglabs.com/wp-content/uploads/2022/08/BHUSA22_fuzzing_webassembly_vm_patrick_ventuzelo.pdf
Since the MVP release in 2017, WebAssembly evolve gradually, bringing new adepts and new VM implementations over time. Itβs now possible toβ¦
Since the MVP release in 2017, WebAssembly evolve gradually, bringing new adepts and new VM implementations over time. Itβs now possible toβ¦
π2
π€― Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec & Hacking - https://youtu.be/mh7wzbWAHFE
YouTube
π€― Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec & Hacking
It's just mind-blowing! it's so impressive that this AI is able to answer such complex subjects as exploitation, reversing, decompilation, etc.
The is a huge potential for us in the future to go even faster into learning IT security and hacking by being helpedβ¦
The is a huge potential for us in the future to go even faster into learning IT security and hacking by being helpedβ¦
π₯6
Fuzzing ping(8) β¦ and finding a 24 year old bug - https://tlakh.xyz/fuzzing-ping.html
fpicker-aflpp-android: About Fpicker with AFL++ on Android (device or emulator) - https://github.com/marcinguy/fpicker-aflpp-android
GitHub
GitHub - marcinguy/fpicker-aflpp-android
Contribute to marcinguy/fpicker-aflpp-android development by creating an account on GitHub.
π₯2
[OpenAI ChatGPT] ChatGPT for programming, infosec, fuzzing and day to day use - Part1 - https://youtu.be/PKOtDJIwCjM
YouTube
[OpenAI ChatGPT] Mind blowing ChatGPT examples for programming, infosec, fuzzing and day to day use
00:00 Introduction
00:42 Chat GPT overview
02:20 Writing a song for hackers
04:00 Getting a rental agreement and name change application from ChatGPT
05:55 Programming
08:00 Security related things fuzzing, identifying vulnerabilities, writing a fuzzer etc.β¦
00:42 Chat GPT overview
02:20 Writing a song for hackers
04:00 Getting a rental agreement and name change application from ChatGPT
05:55 Programming
08:00 Security related things fuzzing, identifying vulnerabilities, writing a fuzzer etc.β¦
π1
YARPGen: A Compiler Fuzzer for Loop Optimizations and Data-Parallel Languages - https://www.youtube.com/watch?v=Yyj2Fex9yEo
YouTube
2022 LLVM Dev Mtg: YARPGen: A Compiler Fuzzer for Loop Optimizations and Data-Parallel Languages
2022 LLVM Developers' Meeting
https://llvm.org/devmtg/2022-11/
------
YARPGen: A Compiler Fuzzer for Loop Optimizations and Data-Parallel Languages
Speaker: Vsevolod Livinskii
------
Slides: https://llvm.org/devmtg/2022-11/slides/TechTalk20-YARPGen-CompilerFuzzer.pdfβ¦
https://llvm.org/devmtg/2022-11/
------
YARPGen: A Compiler Fuzzer for Loop Optimizations and Data-Parallel Languages
Speaker: Vsevolod Livinskii
------
Slides: https://llvm.org/devmtg/2022-11/slides/TechTalk20-YARPGen-CompilerFuzzer.pdfβ¦
π4
How OSS-Fuzz Works: A Guide to Fuzz Testing for Open Source Projects - https://youtu.be/OBxCDsJ-0aM
YouTube
[Fuzzing with OSS-Fuzz] How OSS-Fuzz Works: A Guide to Fuzz Testing for Open Source Projects
00:00 Introduction
00:30 What is oss-fuzz
03:50 oss-fuzz github repo, projects, dockers files etc.
07:35 Understaning libtiff oss-fuzz build file and fuzzing harness
18:21 Configuring oss-fuzz on local system creating docker image and building fuzzers
25:16β¦
00:30 What is oss-fuzz
03:50 oss-fuzz github repo, projects, dockers files etc.
07:35 Understaning libtiff oss-fuzz build file and fuzzing harness
18:21 Configuring oss-fuzz on local system creating docker image and building fuzzers
25:16β¦
π1
How to fuzz your Java projects using CI Fuzz CLI in Gradle - https://youtu.be/sBycRQfnAv4
YouTube
How to fuzz your Java projects using CI Fuzz CLI in Gradle
With CI Fuzz CLI, Java, developers can integrate fuzz tests into their unit testing setups (e.g. JUnit).
In this video, Josh demos how easy this can be done in Gradle.
For a deeper dive, check out our live stream: https://www.code-intelligence.com/webinar/beyondβ¦
In this video, Josh demos how easy this can be done in Gradle.
For a deeper dive, check out our live stream: https://www.code-intelligence.com/webinar/beyondβ¦
Fuzzing the Shield: CVE-2022β24548 - https://medium.com/s2wblog/fuzzing-the-shield-cve-2022-24548-96f568980c0
Medium
Fuzzing the Shield: CVE-2022β24548
Author: Daejin Lee, Seunghoe Kim, Donguk Kim, Eugene Jang
π2
Finding JIT Optimizer Bugs using SMT Solvers and Fuzzing - https://www.pypy.org/posts/2022/12/jit-bug-finding-smt-fuzzing.html
PyPy
Finding JIT Optimizer Bugs using SMT Solvers and Fuzzing
In this blog post I want to describe a recent bug finding technique that I've
added to the PyPy JIT testing infrastructure. This technique uses the Z3
theorem prover to find bugs in the optimizer of P
added to the PyPy JIT testing infrastructure. This technique uses the Z3
theorem prover to find bugs in the optimizer of P
π₯1
Going Beyond Unit Testing | How to Uncover Blind Spots in your Java Code with Fuzzing - https://youtu.be/8yECb-p3cQI
YouTube
Going Beyond Unit Testing | How to Uncover Blind Spots in your Java Code with Fuzzing
While most Java developers already use unit testing to test whether their application behaves as expected, complementary testing approaches such as fuzz testing enable them to also check their applications for unexpected or strange behaviors that could leadβ¦
Understanding Fuzz Testing in Go - https://blog.jetbrains.com/go/2022/12/14/understanding-fuzz-testing-in-go/
The JetBrains Blog
Understanding Fuzz Testing in Go | The GoLand Blog
Our latest blog post will teach you how to run fuzz tests in GoLand. You'll also learn about the advantages and disadvantages of fuzzing, and even some advanced fuzzing techniques.
π2
ispras/casr: Collect crash reports, triage, and estimate severity - https://github.com/ispras/casr
GitHub
GitHub - ispras/casr: Collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity.
Collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity. - ispras/casr
π₯6π3
Offensive Software Exploitation (OSE) Course - https://github.com/ashemery/exploitation-course
GitHub
GitHub - ashemery/exploitation-course: Offensive Software Exploitation Course
Offensive Software Exploitation Course. Contribute to ashemery/exploitation-course development by creating an account on GitHub.
Fuzzing IDOR Vulnerability With ZAP! - https://www.youtube.com/watch?v=GAQd85oo6ZU
YouTube
Fuzzing IDOR Vulnerability With ZAP!
Burp is great, but ZAP has been around awhile. ZAP's version of Burp's repeater is so simple to use. I highly recommend adding ZAP to your list of go-to tools.
Thanks for watching
https://www.buymeacoffee.com/redbluelabs
https://apt-secure.ca
0:00-0:38β¦
Thanks for watching
https://www.buymeacoffee.com/redbluelabs
https://apt-secure.ca
0:00-0:38β¦
π1
GLeeFuzz: Fuzzing WebGL Through Error Message Guided Mutation - https://www.usenix.org/system/files/sec23summer_249-peng-prepub.pdf
π3
Fuzzing Hidden Directories & Files with Ffuf - https://blog.stealthsecurity.io/fuzzing-hidden-directories-files-with-ffuf/
π3
Fuzzing goblin (Rust:crab:!) project with Sydr and AFLplusplus - https://github.com/ispras/oss-sydr-fuzz/wiki/Fuzzing-goblin-(Rust:crab:!)-project-with-Sydr-and-AFLplusplus
GitHub
Fuzzing goblin (Rust:crab:!) project with Sydr and AFLplusplus
OSS-Sydr-Fuzz - OSS-Fuzz fork for hybrid fuzzing (fuzzer+DSE) open source software. - Fuzzing goblin (Rust:crab:!) project with Sydr and AFLplusplus Β· ispras/oss-sydr-fuzz Wiki
π₯7π1π1