Binaries vs websites It has been half a year since my last blog post covering an IDOR in a website API. About time to write about something new and hopefully interesting! Having switched my focus from websites to binaries a new world opened up to me.

In depth walkthrough of how to use libFuzzer and OSS-Fuzz for fuzz testing a RTCP parser using the WebRTC server, Janus as an example.

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Develo...

Modular And Compositional analysis with KLEE Engine - tum-i4/macke

A JavaScript Engine Fuzzer. Contribute to googleprojectzero/fuzzilli development by creating an account on GitHub.

Fuzzing the Kernel Using Unicornafl and AFL++. Contribute to fgsect/unicorefuzz development by creating an account on GitHub.

A fuzzer framework built in Rust. Contribute to microsoft/lain development by creating an account on GitHub.

A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer - GitHub - PAGalaxyLab/uniFuzzer: A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer

DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables - googleprojectzero/DrSancov

A set of helpers and examples to fuzz Win32 binaries with AFL++ QEMU - AFLplusplus/Fuzz-With-Wine-Demo

JQF + Zest: Coverage-guided semantic fuzzing for Java. - rohanpadhye/JQF

Frida-based general purpose fuzzer. Contribute to demantz/frizzer development by creating an account on GitHub.

Research By: Slava Makkaveev Trusted Execution Environment TrustZone is a security extension integrated by ARM into the Corex-A processor. This extension creates an isolated virtual secure world which can be used by the main operating system running on the…

An example on how to do performant in-memory fuzzing with AFL++ and Frida - andreafioraldi/frida-js-afl-instr

A fast Rust-based safe and thead-friendly grammar-based fuzz generator - gamozolabs/fzero_fuzzer

pentest research exploits security writeup - you name IT.

This experimetal fuzzer is meant to be used for API in-memory fuzzing. - andreafioraldi/frida-fuzzer

the Network Protocol Fuzzer that we will want to use. - nccgroup/fuzzowski

Fuzzer queue cached in the process to minimize the exchanged messages and speedup remote fuzzing (e.g. Android via adb)
Stalker transform in CModule to speedup not-x64 targets
Support to fuzzer dic...