Fuzzing blogpost focused on fuzzing, vulnerability research, WebAssembly and Rustlang | Fuzzing Labs.
Ziion: Kali Linux for Blockchain Security Today, I’m presenting Ziion, a “Kali Linux” like VM for blockchain security engineers made by Halborn. It’s a dedicated virtual machine that contains a bunch of security tools like static analyzer, fuzzer, analyzer, etc. for various blockchain protocols and smart contract languages such as Ethereum, Solidity, EVM, Rust, Go,…
![A Journey Into Fuzzing WebAssembly Virtual Machines [BlackHat USA 2022]](https://fuzzinglabs.com/wp-content/uploads/2022/09/blachat_wasm-768x433.png)
A Journey Into Fuzzing WebAssembly Virtual Machines [BlackHat USA 2022] Abstract Since the MVP release in 2017, WebAssembly evolve gradually, bringing new adepts and new VM implementations over time. It’s now possible to run WebAssembly modules over every modern browser, in some blockchain, or using a standalone VM. In the same way that multiple JavaScript…
Starknet/Cairo Contract Reverse Engineering, Disassembly & Analysis with Thoth In this video, I will show how to reverse, disassemble, decompile and analyze Cairo smart contracts deployed on Starknet using Thoth, our Fuzzinglabs’s Cairo/Starknet bytecode analyzer, disassembler & decompiler. https://youtu.be/T0KvG8Zps6I You will get access of the complete tutorial with source code, cheat sheet and or complete…
![State of the Art of Ethereum Smart Contract Fuzzing in 2022 [EthCC5]](https://fuzzinglabs.com/wp-content/uploads/2022/07/2022-07-26_15-03-768x433.png)
State of the Art of Ethereum Smart Contract Fuzzing in 2022 [EthCC5] Fuzzing is known as one of the most efficient techniques to find bugs in software. Sadly, when dealing with Ethereum smart contracts, the number of fuzzers and documentation available is really limited. During this talk, we will explain why fuzz testing EVM smart…
Introduction to V8 JavaScript Engine Grammar-based Fuzzing with Dharma In this short hands-on workshop, we will attack the V8 JavaScript Engine using grammar-based fuzzing. First, I will show how to download a version of V8 already compiled with addressSanitizer (ASAN). Then, I will introduce how to write a Dharma grammar and finally, we will use…
Solidity/Ethereum Smart Contract Audit using SlitherBlockchain Security In this video, I will show how to audit and find vulnerabilities inside an Ethereum smart contract written in Solidity using Slither, one of the best EVM smart contract analysis tools. https://youtu.be/s3FL5caAy5w You will get access of the complete tutorial with source code, cheat sheet and or complete…
Top 7 books to learn WebAssembly in 2022 Today, I discuss my favorite books if you are looking to learn more about WebAssembly and wasm security. Learn WebAssembly – link WebAssembly in Action – link What Is WebAssembly? – link The Art of WebAssembly – link WebAssembly: The Definitive Guide – link Programming WebAssembly with…
Top 4 books to learn Web Browser Security in 2022 Today, I discuss my favorite books if you are looking to learn more about Web Browser internals and Browser security. The Tangled Web – link High-Performance Browser Networking – link / online The Browser Hacker’s Handbook – link The Google Chrome Comic – link Learn…
Fuzzing Rust using cargo-libafl (LibAFL-based fuzzer) In this video, we are testing cargo-libafl, the new LibAFL-based fuzzer for Rust fuzzing. This new cargo utility is a replacement for (and a fork of) cargo-fuzz to use a LibAFL-based fuzzer instead of libfuzzer. Let’s see how it performs compare to libfuzzer. NOTES You will get access of…
Ethereum Smart Contract Reverse Engineering & EVM Disassembly Today I’m showing how EVM disassembly works and how to reconstruct the control flow graph (CFG) of an Ethereum smart contract when you only have access to the bytecode (closed-source). It’s really useful when you’re looking to analyze in-depth a contract at the EVM bytecode level. You…
| Cookie | Duration | Description |
|---|---|---|
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |