Large Language Model guided Protocol Fuzzing - https://www.ndss-symposium.org/wp-content/uploads/2024-556-paper.pdf
U-Fuzz: Stateful Fuzzing of IoT Protocols on COTS Devices - https://github.com/asset-group/U-Fuzz
Towards Universal Fuzzing of IoT Protocols.
Fuzzer Development 3: Building Bochs, MMU, and File I/O - https://h0mbre.github.io/Loading_Bochs/#
snapshot: A Rust WinDbg extension that takes a snapshot of a running VM - https://github.com/0vercl0k/snapshot
WinDbg extension written in Rust to dump the CPU / memory state of a running VM.
Using LLMs to Generate Fuzz Generators - https://verse.systems/blog/post/2024-03-09-using-llms-to-generate-fuzz-generators/
LLMs seem surprisingly good at many things. So much so that not a week goes by without someone coming up with yet another use-case for this technology, often to solve tasks quickly that traditionally …
Fuzzing in the 2020s: Novel Approaches and Solutions - https://www.eurecom.fr/publication/7452/download/sec-publi-7452.pdf
SyzRetrospector: A Large-Scale Retrospective Study of Syzbot - https://arxiv.org/pdf/2401.11642.pdf
Why fuzzing over formal verification? - https://blog.trailofbits.com/2024/03/22/why-fuzzing-over-formal-verification/
We recently introduced our new offering, invariant development as a service. A recurring question that we are asked is, "Why fuzzing instead of formal verification?" And the answer is, "It's complicated." We use fuzzing for most of our audits but have used…
Structure-Aware Linux kernel Fuzzing with libFuzzer - https://r00tkitsmm.github.io/fuzzing/2024/03/27/libffuzzerkernel.html
Hi everyone! I'm really happy to tell you about my experimenting adventure today. I decided to experiment with KCOV and see how I can hook it into libfuzzer and boot the kernel without spending too much on building a root file system.
Introducing Ruzzy, a coverage-guided Ruby fuzzer - https://blog.trailofbits.com/2024/03/29/introducing-ruzzy-a-coverage-guided-ruby-fuzzer/ / https://github.com/trailofbits/ruzzy
Trail of Bits is excited to introduce Ruzzy, a coverage-guided fuzzer for pure Ruby code and Ruby C extensions. Fuzzing helps find bugs in software that processes untrusted input. In pure Ruby, these bugs may result in unexpected exceptions that could lead…
ImageIO, the infamous iOS Zero Click Attack Vector. - https://r00tkitsmm.github.io/fuzzing/2024/03/29/iOSImageIO.html
ImageIO is Apple's framework that handles image parsing, which exposes a 0-click attack surface.
what the fuzz: Linux mode - https://github.com/0vercl0k/wtf/tree/main/linux_mode
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m...
Aplos Fuzzer: Aplos an extremely simple fuzzer for Windows binaries - https://github.com/20urc3/Aplos
Prompt Fuzzer: open-source tool to help you harden your GenAI applications - https://github.com/prompt-security/ps-fuzz
The Windows Registry Adventure #1: Introduction and research results - https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html
Posted by Mateusz Jurczyk, Google Project Zero. In the 20-month period between May 2022 and December 2023, I thoroughly audited the Win...
AFL_Runner: AFLPlusPlus command generator to make the best use of multiple cores - https://github.com/0xricksanchez/AFL_Runner
Scaling best-practice AFLPlusPlus fuzzing campaigns made easy and more.
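The multi-core campaign layout that a tool like AFL_Runner automates, shown here as an added Python example that is not AFL_Runner's own code: it emits one afl-fuzz command line per core, a single -M main instance plus -S secondaries whose -p power schedules rotate and some of which enable MOpt (-L 0) or disable trimming, following the AFL++ parallel-fuzzing guidance that instances should be configured differently. The target command, the input/output directory names and the campaign name are placeholders.

```python
"""Generate one afl-fuzz command per core for a parallel AFL++ campaign.

Added example (not AFL_Runner's code). Target binary, seed/sync directories
and the campaign name are placeholders supplied by the caller.
"""
import os
import shlex

# Power schedules AFL++ accepts via -p. The main instance keeps the default
# "fast"; secondaries rotate through this list so they explore differently.
POWER_SCHEDULES = ["explore", "coe", "lin", "quad", "exploit", "rare", "mmopt", "seek"]


def afl_commands(target_cmd, in_dir, out_dir, cores, campaign="fuzz", extra_env=None):
    """Return a list of (env, argv) pairs, one per core.

    Exactly one instance is the -M main (the only one allowed per sync dir);
    every other core is an -S secondary with a distinct name so their queues
    can be synced under out_dir.
    """
    if cores < 1:
        raise ValueError("need at least one core")
    cmds = []
    for i in range(cores):
        # AFL_AUTORESUME lets a restarted instance continue an existing out_dir.
        env = {"AFL_AUTORESUME": "1"}
        if extra_env:
            env.update(extra_env)
        argv = ["afl-fuzz", "-i", in_dir, "-o", out_dir]
        if i == 0:
            argv += ["-M", f"{campaign}-main", "-p", "fast"]
        else:
            name = f"{campaign}-s{i:02d}"
            schedule = POWER_SCHEDULES[(i - 1) % len(POWER_SCHEDULES)]
            argv += ["-S", name, "-p", schedule]
            # Every third secondary uses the MOpt mutator scheduler (-L 0 enters
            # pacemaker mode immediately) so mutation strategy varies as well.
            if i % 3 == 0:
                argv += ["-L", "0"]
            # One secondary keeps untrimmed inputs around.
            if i == 1:
                env["AFL_DISABLE_TRIM"] = "1"
        argv += ["--"] + list(target_cmd)
        cmds.append((env, argv))
    return cmds


def render(cmds):
    """Render (env, argv) pairs as shell lines for tmux/screen panes."""
    lines = []
    for env, argv in cmds:
        prefix = " ".join(f"{k}={shlex.quote(v)}" for k, v in sorted(env.items()))
        lines.append(f"{prefix} {shlex.join(argv)}")
    return lines


if __name__ == "__main__":
    # Placeholder target: a binary reading the file path substituted for @@.
    for line in render(afl_commands(["./target", "@@"], "in", "out", os.cpu_count() or 4)):
        print(line)
```

All instances share one -o directory, which is what lets AFL++ cross-sync queues; giving each -S a unique name is mandatory for that to work, and only the -M instance may be started more than once per campaign if you restart it with the same name.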
Discoveries from Analyzing 141 Real-World ZK-SNARK Vulnerabilities! - https://youtu.be/oxvcEXha69c
Join me for a quick review of 'SoK: What don't we know? Understanding Security Vulnerabilities in SNARKs.' We'll discuss the key findings from the paper, focusing on the taxonomy of 141 real-world vulnerabilities in SNARK implementations and providing some…