TL;DR: Can we use GPUs to get 10x performance/dollar when fuzzing embedded software in the cloud? Based on our preliminary work, we think the answer is yes! Fuzzing is a software testing technique that supplies programs with many randomized inputs in an attempt…

The blog

We continue to describe our approaches to searching for vulnerabilities in industrial systems based on the OPC UA protocol. In this article, we examine new techniques that can be used to search for memory corruption vulnerabilities if the source code is available.…

This playlist contains lots of fuzzing video tutorials on various fuzzers. don't forget to like, subscribe and share my channel. #AFL #AFLplusplus #libafl #h...

For clarity and brevity, the code referenced below has been distilled to simplest form.  The complete versions which were actually used for...

Regularly updated reading list for core concepts required to exploit browsers

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read - 0xricksanchez/paper_collection

Fresh from Microsoft Research, the RESTLer fuzzer is a new REST fuzzing tool, it relies on a OpenAPI/Swagger specification to create and…

A self-hosted Fuzzing-As-A-Service platform. Contribute to microsoft/onefuzz development by creating an account on GitHub.

Wfuzz is a security tool to do fuzzing of web applications. It is modular and can be used to discover and exploit web application vulnerabilities. This makes the tool useful for both developers as security professionals.

Microsoft researchers open source the first stateful REST API fuzzing tool designed to make cloud services more reliable and secure. Learn how RESTler automatically tests and finds security bugs through their REST APIs.

A structure-aware JSON fuzzer

This is a review of SFTPfuzzer with features, strenghts and weaknesses, and comparisons with other alternatives for SFTPfuzzer.