Linux Hardening – State of Linux Snapshot Fuzzing
| |

Linux Hardening – State of Linux Snapshot Fuzzing

Linux Hardening State of Linux Snapshot Fuzzing What is snapshot fuzzing ? Fuzzing is a well-established technique for finding software vulnerabilities, and snapshot fuzzing represents a significant advancement, enhancing efficiency and expanding the scope of testable software. Snapshot fuzzing is particularly valuable in application security where it enables thorough black-box testing of applications, regardless of…

Attacking & Fuzzing Polkadot Node – Triggering Denial-of-Service via Gossamer RPC Flaws​
| | | | |

Attacking & Fuzzing Polkadot Node – Triggering Denial-of-Service via Gossamer RPC Flaws​

Attacking & Fuzzing of Polkadot Node Triggering Denial-of-Service via Gossamer RPC Flaws Gossamer is a Go-based implementation of a Polkadot node, developed by ChainSafe Systems. It allows interaction with the Polkadot network, enabling users to participate as full nodes, validators, or other roles. In this post, we will show you what we did to find…

How Fuzzing Could Have Prevented the zkLend Hack​
| | | |

How Fuzzing Could Have Prevented the zkLend Hack​

rediscovery of the starknet zklend hack How Fuzzing Could Have Prevented the zkLend Hack The recent zkLend hack has stirred up significant discussion in the community, and today we’d like to share some insights from our deep dive into the vulnerability using fuzzing techniques at FuzzingLabs. Our investigation reveals that a simple fuzzing test could…

Recon Fuzzing Windows Userland Applications Training by FuzzingLabs
| | | | |

Recon 2025 – Fuzzing Windows Userland Applications On-site Training

REcon 2025 – Training Announcement Fuzzing Windows Userland Applications Training Master the art of uncovering vulnerabilities in Windows applications with our in-depth Windows Fuzzing training at ReCon 2025! This hands-on course will guide you through the fundamentals of fuzzing, advanced techniques like grammar-based and symbolic execution, and real-world applications targeting browsers, antivirus software, and more….

Story Security Assessment Completed
| | | | |

Story Security Assessment Completed

Story / Security Assessment Completed Strengthening Blockchain-Based IP Management At FuzzingLabs we recently completed a comprehensive security assessment of Story, a decentralized network that aims to revolutionize intellectual property (IP) management. This audit was undertaken to ensure the security and resilience of its blockchain-based infrastructure, smart contracts, and consensus mechanisms. Below, we provide an overview…

offensivecon 2025 browser fuzzing binary gecko
| | | | | |

OffensiveCon 2025 – Practical Browser Fuzzing On-site Training

OffensiveCon 2025 – Training Announcement Practical Web Browser Fuzzing Training Kickstart your journey into the intricate world of web browser fuzzing at OffensiveCon 2025! This exclusive training, led by experts Patrick Ventuzelo and Tanguy Duhamel, is your opportunity to master advanced fuzzing techniques and uncover vulnerabilities in some of the most widely used software globally….

fuzzing news newsletter august september 2024
|

Fuzzing News / August & September 2024

Fuzzing Newsletter August & September 2024 📺 Videos/Podcasts Fuzzing for Bugs 🎸🤘 AI-generated Rock Song for Security Researcher 😎 – 📝 Blogposts/Papers/Slides SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing – https://www.mlsec.org/docs/2024c-asiaccs.pdf Expand the reach of Fuzzing – https://thuanpv.github.io/publications/NUS_Summer_School_Thuan_Pham_Final_Public.pdf On Understanding and Forecasting Fuzzers Performance with Static Analysis – https://s3.eurecom.fr/docs/ccs24_zhang.pdf Ring Around The Regex: Lessons…

worldcoin optee ord foundation op-tee trusctzone fuzzer fuzzing
| | |

FuzzingLabs and the Worldcoin Foundation Partner to Enhance the Security in the Worldcoin Orb

FuzzingLabs and the Worldcoin Foundation Partner to Enhance the Security in the Worldcoin Orb Introduction We are thrilled to announce an exciting partnership between FuzzingLabs and the Worldcoin Foundation. Fuzzing Labs team, in close collaboration with Worldcoin contributing teams will work on OP-TEE fuzzing enhancing the Worldcoin Orb integrity, protection of biometric data and transaction…

fuzzing news newsletter fuzzinglabs july 2024
|

Newsletter – Fuzzing News / July 2024

📡 [Monthly Fuzzing] July 2024 📺 Videos/Podcasts How to Fuzz Your Way to Android Universal Root: Attacking Android Binder – https://www.youtube.com/watch?v=U-xSM159YLI&list=PLYvhPWR_XYJlg1SfcKdZY6eXUTPPqnh_G&index=9  📝 Blogposts/Papers/Slides Fuzzing embedded systems – Part 1, Introduction – https://blog.sparrrgh.me//fuzzing/embedded/2024/06/05/fuzzing-embedded-systems-1.html Driving forward in Android drivers – https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html Automated security testing of unexplored targets through feedback-guided fuzzing – https://depositonce.tu-berlin.de/items/c3aaf2ec-8036-4651-a609-9c3b11a7f705 Finding mispriced opcodes with fuzzing…

fuzzing news newsletter fuzzinglabs june 2024
|

Newsletter – Fuzzing News / June 2024

📡 [Monthly Fuzzing] June 2024 📺 Videos/Podcasts FuzzyAI: Attacking LLMs With Coverage-Guided Fuzzing – https://youtu.be/hBPiiaUiOH8?si=nUE5JHVrdFxgQbR5 Your NVMe Had Been Syz’ed – https://youtu.be/Jc25CM1Ppgo?si=jsz0Beqpr2nJ6h8g Linux Fuzzing Tutorial with AFL Fuzzer – https://www.youtube.com/watch?v=g6BQ-Ae_E4Q A Bug Hunter’s Reflections on Fuzzing – https://a13xp0p0v.github.io/img/Alexander_Popov-Reflections_on_Fuzzing.pdf / https://www.youtube.com/watch?v=wTbFmdx7wG8 📝 Blogposts/Papers/Slides Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP Driver for Linux with Syzkaller –…