tsffs: A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS - https://github.com/intel/tsffs
How to use vulhub - Dockerized Vulnerability Replication - https://www.youtube.com/watch?v=z0W3tfNQ-XQ
Welcome to fuzzing.in! In this tutorial, we dive into the world of cybersecurity and vulnerability replication using Vulhub, a powerful tool that provides a Dockerized environment for simulating a wide range of security issues.
Lost in Translation: A Study of Bugs Introduced by Large Language Models while Translating Code: paper - https://arxiv.org/abs/2308.03109, code - https://github.com/Intelligent-CAT-Lab/PLTranslationEmpirical
Code translation aims to convert source code from one programming language (PL) to another. Given the promising abilities of large language models (LLMs) in code synthesis, researchers are...
Fuzz Everything, Everywhere, All at Once: Advanced QEMU-based fuzzing - slides: https://fahrplan.events.ccc.de/congress/2023/fahrplan/system/event_attachments/attachments/000/004/435/original/aflplusplus-ccc-libafl_emu_%282%29.pdf / video: https://media.ccc.de/v/37c3-12102-fuzz_everything_everywhere_all_at_once
Finding The .webp Vulnerability in 8s (Fuzzing with AFL++) - https://www.youtube.com/watch?v=PJLWlmp8CDM
A guide on how to do fuzzing with AFL++ in an attempt to rediscover the libwebp vulnerability CVE-2023-4863 that was used to hack iPhones.
SimpleNTSyscallFuzzer: Fuzzer for Windows kernel syscalls - https://github.com/waleedassar/SimpleNTSyscallFuzzer
Underutilized Fuzzing Strategies for Modern Software Testing - https://www.youtube.com/watch?v=fMzeIv4U4LI
Trail of Bits hosted one of LibAFL's maintainers and CISPA PhD candidate, Addison Crump, for our weekly internal Lunch and Learn session. While fuzzing is commonly associated with memory corruption vulnerabilities, it also has great potential for invariant…
SoK: Prudent Evaluation Practices for Fuzzing - https://mschloegel.me/paper/schloegel2024sokfuzzevals.pdf
Lucid: An educational Bochs-based snapshot fuzzer project - https://github.com/h0mbre/Lucid
KernelGPT: Enhanced Kernel Fuzzing via Large Language Models - https://arxiv.org/pdf/2401.00563.pdf
Fuzzer Development 2: Sandboxing Syscalls - https://h0mbre.github.io/Lucid_Context_Switching/#
Introduction If you haven’t heard, we’re developing a fuzzer on the blog these days. I don’t even know if “fuzzer” is the right word for what we’re building, it’s almost more like an execution engine that will expose hooks? Anyways, if you missed the first…
Continuously fuzzing Python C extensions - https://blog.trailofbits.com/2024/02/23/continuously-fuzzing-python-c-extensions/
Deserializing, decoding, and processing untrusted input are telltale signs that your project would benefit from fuzzing. Yes, even Python projects. Fuzzing helps reduce bugs in high-assurance software developed in all programming languages. Fortunately for…
Large Language Model guided Protocol Fuzzing - https://www.ndss-symposium.org/wp-content/uploads/2024-556-paper.pdf
U-Fuzz: Stateful Fuzzing of IoT Protocols on COTS Devices - https://github.com/asset-group/U-Fuzz
Fuzzer Development 3: Building Bochs, MMU, and File I/O - https://h0mbre.github.io/Loading_Bochs/#
snapshot: A Rust WinDbg extension that takes a snapshot of a running VM - https://github.com/0vercl0k/snapshot