Loading Das U-Boot Images in Ghidra
https://nstarke.github.io/0040-loading-uboot-images-in-ghidra.html
https://nstarke.github.io/0040-loading-uboot-images-in-ghidra.html
new build of SVPRO beta. Fuzzing and ... exit codes + JSON
https://www.rtcsec.com/post/2020/12/sipvicious-pro-beta-release-contains-sip-fuzzer-and-better-automation/
https://www.rtcsec.com/post/2020/12/sipvicious-pro-beta-release-contains-sip-fuzzer-and-better-automation/
The release of hypothesis package 5.41.5 is now available. 🥳
A library for property-based testing
https://github.com/HypothesisWorks/hypothesis
#python #fuzzing #testing #hypothesis #propertybasedtesting
A library for property-based testing
https://github.com/HypothesisWorks/hypothesis
#python #fuzzing #testing #hypothesis #propertybasedtesting
GitHub
GitHub - HypothesisWorks/hypothesis: The property-based testing library for Python
The property-based testing library for Python. Contribute to HypothesisWorks/hypothesis development by creating an account on GitHub.
Fuzzing internships for Open Source Software
http://feedproxy.google.com/~r/GoogleOnlineSecurityBlog/~3/AUsn-LZEFl4/fuzzing-internships-for-open-source.html
http://feedproxy.google.com/~r/GoogleOnlineSecurityBlog/~3/AUsn-LZEFl4/fuzzing-internships-for-open-source.html
RESTler - Stateful REST API Fuzzing Tool For Automatically Testing Cloud Services Through Their REST APIs And Finding Security And Reliability Bugs
https://github.com/microsoft/restler-fuzzer
https://github.com/microsoft/restler-fuzzer
GitHub
GitHub - microsoft/restler-fuzzer: RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services…
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. - microsoft/restler...
Fuzzing-targets: A collection of widely-fuzzed targets
https://github.com/strongcourage/fuzzing-targets
https://github.com/strongcourage/fuzzing-targets
GitHub
GitHub - strongcourage/fuzzing-targets: A collection of widely-fuzzed targets
A collection of widely-fuzzed targets. Contribute to strongcourage/fuzzing-targets development by creating an account on GitHub.
Fuzzing Zcash with Kubernetes – Electric Coin Company
https://cryptonewmedia.press/fuzzing-zcash-with-kubernetes-electric-coin-company/
https://cryptonewmedia.press/fuzzing-zcash-with-kubernetes-electric-coin-company/
Fuzzing Bitcoin with the Defensics SDK, part 2: Fuzz the Bitcoin protocol
https://www.synopsys.com/blogs/software-security/fuzzing-bitcoin-protocol-defensics-sdk/
https://www.synopsys.com/blogs/software-security/fuzzing-bitcoin-protocol-defensics-sdk/
Synopsys
Part 2: Enhancing Bitcoin Security with Defensics SDK Fuzzing | Synopsys Blog
Explore part two of our series on using the Defensics SDK for fuzzing the Bitcoin protocol, including creating a data model for enhanced Bitcoin security.
How to build a serial port fuzzer with Defensics SDK
https://www.synopsys.com/blogs/software-security/serial-port-fuzzer-defensics-sdk/
https://www.synopsys.com/blogs/software-security/serial-port-fuzzer-defensics-sdk/
Blackduck
How to Build a Serial Port Fuzzer with Defensics SDK | Black Duck Blog
Boost your custom protocols' security with our guide on creating a serial port fuzzer using Defensics SDK API. Dive into fuzz testing with Defensics SDK.
afl++ 3.00c has arrived! Huge performance increase, great new features, many default+structural changes ... read the top of the README!
https://github.com/AFLplusplus/AFLplusplus/releases/tag/3.0c #fuzz #fuzzer #fuzzing #afl
https://github.com/AFLplusplus/AFLplusplus/releases/tag/3.0c #fuzz #fuzzer #fuzzing #afl
GitHub
Release 3.00c · AFLplusplus/AFLplusplus
Version ++3.00c (release)
llvm_mode/ and gcc_plugin/ moved to instrumentation/
examples/ renamed to utils/
moved libdislocator, libtokencap and qdbi_mode to utils/
all compilers combined to afl-cc...
llvm_mode/ and gcc_plugin/ moved to instrumentation/
examples/ renamed to utils/
moved libdislocator, libtokencap and qdbi_mode to utils/
all compilers combined to afl-cc...
This is a MUST-see for all infosec researchers - "Fuzzing: Breaking Things with Random Inputs" (part of @FuzzingBook) at
https://www.fuzzingbook.org/html/Fuzzer.html
https://www.fuzzingbook.org/html/Fuzzer.html
www.fuzzingbook.org
Fuzzing: Breaking Things with Random Inputs - The Fuzzing Book
In this chapter, we'll start with one of the simplest test generation techniques. The key idea of random text generation, also known as fuzzing, is to feed a string of random characters into a program in the hope to uncover failures.Prerequisites You should…
Root Cause Analysis of a Heap-Based Buffer Overflow in GNU Readline
https://insinuator.net/2020/12/root-cause-analysis-of-a-heap-based-buffer-overflow-in-gnu-readline/
https://insinuator.net/2020/12/root-cause-analysis-of-a-heap-based-buffer-overflow-in-gnu-readline/
Insinuator.net
Root Cause Analysis of a Heap-Based Buffer Overflow in GNU Readline
In the last blog post, we discussed how fuzzers determine the uniqueness of a crash. In this blog post, we discuss how we can manually triage a crash and determine the root cause. As an example, we use a heap-based buffer overflow I found in GNU readline…
Fuzzing. Interesting.
https://youtu.be/17ebHty54T4
"Not many know about this and that needs to change."
https://youtu.be/17ebHty54T4
"Not many know about this and that needs to change."
YouTube
Fuzzing (fuzz testing) 101: Lessons from cyber security expert Dr. David Brumley
Dr. David Brumley, Carnegie Mellon University professor and CEO of ForAllSecure, explains what fuzzing, or fuzz testing, is and how you can use it to improve application security and speed up your software development.
Get more tech tips, reviews and news…
Get more tech tips, reviews and news…