Welcoem to posts!!
in the future - u will be able to do some more stuff here,,,!! like pat catgirl- i mean um yeah... for now u can only see others's posts :c
Hey,
Here is the latest fuzzing news released last month!
Web version: fuzzinglabs.com/newsletter-fuzzing-news-june-2024/
📺 Videos/Podcasts
FuzzyAI: Attacking LLMs With Coverage-Guided Fuzzing - https://youtu.be/hBPiiaUiOH8?si=nUE5J...
Your NVMe Had Been Syz'ed - https://youtu.be/Jc25CM1Ppgo?si=jsz0B...
Linux Fuzzing Tutorial with AFL Fuzzer - https://www.youtube.com/watch?v=g6BQ-...
A Bug Hunter’s Reflections on Fuzzing - a13xp0p0v.github.io/img/Alexander_Popov-Reflection… / https://www.youtube.com/watch?v=wTbFm...
📝 Blogposts/Papers/Slides
Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP Driver for Linux with Syzkaller - www.cyberark.com/resources/threat-research-blog/yo…
Coverage guided fuzzing for native Android libraries (Frida & Radamsa) - knifecoat.com/Posts/Coverage+guided+fuzzing+for+na…)
Large Language Model guided
Protocol Fuzzing - mboehme.github.io/paper/NDSS24.pdf
Talos releases new macOS open-source fuzzer - blog.talosintelligence.com/talos-releases-new-maco…
To Boldly Go Where No Fuzzer Has Gone Before: Finding Bugs in Linux’ Wireless Stacks through VirtIO Devices - www.computer.org/csdl/proceedings-article/sp/2024/…
Everything is Good for Something: Counterexample-Guided Directed Fuzzing via
Likely Invariant Inference - nebelwelt.net/files/24Oakland2.pdf
Hunting bugs in Nginx JavaScript engine (njs) - 0xbigshaq.github.io/2024/05/24/njs-vr-bugs/
Introducing LLM-based harness synthesis for unfuzzed projects - blog.oss-fuzz.com/posts/introducing-llm-based-harn…
TSS @ NUS - Fuzz Testing publications: nus-tss.github.io/fuzzing/publications/
Democratizing Fuzzing at Scale - drive.google.com/file/d/1lUFIugzEy1eBBWkLDHC_hzRfa…
Thread on (counter-)intuitive fuzzing behavior and statistics - x.com/mboehme_/status/1795828470221820382
Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example - tsmr.eu/blackbox-fuzzing.html
⚙️ Tools/Repositories
github.com/user1342/AutoCorpus: AutoCorpus is a tool backed by a large language model (LLM) for automatically generating corpus files for fuzzing.
github.com/lus33rr/AyedFuzzer: AyedFuzzer is a small Fuzzer with 3 options (File mutating, WinDbg-interactive monitor, multi-processing) for windows executables
Cisco-Talos/snap_wtf_macos: WTF Snapshot fuzzing of macOS targets - github.com/Cisco-Talos/snap_wtf_macos
github.com/seemoo-lab/VirtFuzz: VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernels subsystem. It is built with LibAFL.
See you next month and take care!
Patrick
2 - 3
Welcome to the FuzzingLabs Youtube channel ;)
We are teaching fuzzing and vulnerability research around a lot of subjects like Rust, Golang, Python, WebAssembly and Blockchain. We might do a bit of reverse engineering and exploitation as well ;)
Check our academy website if you're interested in learning more with our dedicated security trainings ;)