Fuzzing floating point code
In this article I demonstrate how to fuzz test floating point code using libFuzzer.
This shouldn't have happened: A vulnerability postmortem
Posted by Tavis Ormandy, Project Zero Introduction This is an unusual blog post. I normally wri...
This shouldn't have happened: A vulnerability postmortem
Posted by Tavis Ormandy, Project Zero Introduction This is an unusual blog post. I normally wri...
oss-fuzz/README.md at master · google/oss-fuzz
OSS-Fuzz - continuous fuzzing for open source software. - google/oss-fuzz
Introducing Ruzzy, a coverage-guided Ruby fuzzer
Trail of Bits is excited to introduce Ruzzy, a coverage-guided fuzzer for pure Ruby code and Ruby C extensions. Fuzzing helps find bugs in software that processes untrusted input. In pure Ruby, these bugs may result in unexpected exceptions that could lead to denial of service, and in Ruby C extensions, they […]
Patch Fast, Pull Slow: Defending in the Year of Copy Fail
AI is finding bugs faster, researchers pile on the moment one drops, and registries ship malware by the hundred-thousand. Defenders are caught between two contradictory imperatives. The fix is architectural, not temporal.
Security and Correctness in Wasmtime
The essence of software engineering is making trade-offs, and sometimesengineers even trade away security for other priorities. When it comes torunning untrusted code from unknown sources, however, exceptionally strongsecurity is simply ...
Bytecode Alliance: One year update
We announced the Bytecode Alliance nearly a year ago, and since then it has been… quite a year 😬
GitHub - bytecodealliance/wasmtime at blog.entropy.observer
A lightweight WebAssembly runtime that is fast, secure, and standards-compliant - bytecodealliance/wasmtime
Fuzzing for wolfSSL
Larry Stefonic of wolfSSL contacted me after he’d noticed my project for fuzzing cryptographic libraries called Cryptofuzz. We agreed that I would write a Cryptofuzz module for wolfSSL. I activated…
Writing a Test Case Generator for a Programming Language
Maxime Chevalier-Boisvert requested resources for learning about fuzzingprogramming language implementations on Twitter:
Security and Correctness in Wasmtime
Note: I am cross-posting this article to my personal blog. The original ison the Bytecode Allianceblog.
GitHub - bytecodealliance/wasmtime: A lightweight WebAssembly runtime that is fast, secure, and standards-compliant
A lightweight WebAssembly runtime that is fast, secure, and standards-compliant - bytecodealliance/wasmtime
Browser fuzzing at Mozilla – Mozilla Hacks - the Web developer blog
Mozilla has been fuzzing Firefox for a while. It has proven to be one of the most efficient ways to identify quality and security issues.
GitHub - google/oss-fuzz: OSS-Fuzz - continuous fuzzing for open source software.
OSS-Fuzz - continuous fuzzing for open source software. - google/oss-fuzz
GitHub - bytecodealliance/wasmtime: A lightweight WebAssembly runtime that is fast, secure, and standards-compliant
A lightweight WebAssembly runtime that is fast, secure, and standards-compliant - bytecodealliance/wasmtime