All our latest Blogpost and News about Fuzzing!
When Debug Logs Go Wrong & Crash Your gRPC Node Deep Dive into Astria-Geth GRPC Logging Bug In blockchain technology, even small mistakes can cause big problems. Imagine if sending an empty request to a node’s API could crash the entire node. Hard to believe? That’s exactly what we found in the Astria-geth node. In…
Fuzzing Newsletter August & September 2024 📺 Videos/Podcasts Fuzzing for Bugs 🎸🤘 AI-generated Rock Song for Security Researcher 😎 – 📝 Blogposts/Papers/Slides SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing – https://www.mlsec.org/docs/2024c-asiaccs.pdf Expand the reach of Fuzzing – https://thuanpv.github.io/publications/NUS_Summer_School_Thuan_Pham_Final_Public.pdf On Understanding and Forecasting Fuzzers Performance with Static Analysis – https://s3.eurecom.fr/docs/ccs24_zhang.pdf Ring Around The Regex: Lessons…
📡 [Monthly Fuzzing] July 2024 📺 Videos/Podcasts How to Fuzz Your Way to Android Universal Root: Attacking Android Binder – https://www.youtube.com/watch?v=U-xSM159YLI&list=PLYvhPWR_XYJlg1SfcKdZY6eXUTPPqnh_G&index=9 📝 Blogposts/Papers/Slides Fuzzing embedded systems – Part 1, Introduction – https://blog.sparrrgh.me//fuzzing/embedded/2024/06/05/fuzzing-embedded-systems-1.html Driving forward in Android drivers – https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html Automated security testing of unexplored targets through feedback-guided fuzzing – https://depositonce.tu-berlin.de/items/c3aaf2ec-8036-4651-a609-9c3b11a7f705 Finding mispriced opcodes with fuzzing…
📡 [Monthly Fuzzing] June 2024 📺 Videos/Podcasts FuzzyAI: Attacking LLMs With Coverage-Guided Fuzzing – https://youtu.be/hBPiiaUiOH8?si=nUE5JHVrdFxgQbR5 Your NVMe Had Been Syz’ed – https://youtu.be/Jc25CM1Ppgo?si=jsz0Beqpr2nJ6h8g Linux Fuzzing Tutorial with AFL Fuzzer – https://www.youtube.com/watch?v=g6BQ-Ae_E4Q A Bug Hunter’s Reflections on Fuzzing – https://a13xp0p0v.github.io/img/Alexander_Popov-Reflections_on_Fuzzing.pdf / https://www.youtube.com/watch?v=wTbFmdx7wG8 📝 Blogposts/Papers/Slides Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP Driver for Linux with Syzkaller –…
📡 [Monthly Fuzzing] May 2024 📺 Videos/Podcasts Discoveries from Analyzing 141 Real-World ZK-SNARK Vulnerabilities! 🧐 – https://youtu.be/oxvcEXha69c https://youtu.be/oxvcEXha69c 📝 Blogposts/Papers/Slides ImageIO, the infamous iOS Zero Click Attack Vector. – https://r00tkitsmm.github.io/fuzzing/2024/03/29/iOSImageIO.html The Windows Registry Adventure #1: Introduction and research results – https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html A Basic Guide to AFL QEMU – https://medium.com/@cy1337/a-basic-guide-to-afl-qemu-495df504b5fb ⚙️ Tools/Repositories what the fuzz: Linux…
RingZer0 2023 – Training Announcement Practical Web Browser Fuzzing Training Kickstart your journey into the intricate world of web browser fuzzing at RingZer0 2023! This exclusive training, led by expert Patrick Ventuzelo, is your opportunity to master advanced fuzzing techniques and uncover vulnerabilities in some of the most widely used software globally. Overview Web browsers are…
Recon 2023 – Training Announcement Practical Web Browser Fuzzing Training Kickstart your journey into the intricate world of web browser fuzzing at Recon 2023! This exclusive training, led by experts Patrick Ventuzelo, is your opportunity to master advanced fuzzing techniques and uncover vulnerabilities in some of the most widely used software globally. Overview Web browsers…
OffensiveCon 2023 – Training Announcement Practical Web Browser Fuzzing Training Kickstart your journey into the intricate world of web browser fuzzing at OffensiveCon 2023! This exclusive training, led by expert Patrick Ventuzelo, is your opportunity to master advanced fuzzing techniques and uncover vulnerabilities in some of the most widely used software globally. Overview Web browsers are…
Recon 2022 – Training Announcement Practical Web Browser Fuzzing Training Kickstart your journey into the intricate world of web browser fuzzing at Recon 2022! This exclusive training, led by experts Patrick Ventuzelo, is your opportunity to master advanced fuzzing techniques and uncover vulnerabilities in some of the most widely used software globally. Overview Web browsers…
Fuzzing Rust using cargo-libafl (LibAFL-based fuzzer) In this video, we are testing cargo-libafl, the new LibAFL-based fuzzer for Rust fuzzing. This new cargo utility is a replacement for (and a fork of) cargo-fuzz to use a LibAFL-based fuzzer instead of libfuzzer. Let’s see how it performs compare to libfuzzer. https://youtu.be/0gpGA80DA0s NOTES You will get access…
| Cookie | Duration | Description |
|---|---|---|
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |