Hey,
Here is the latest fuzzing news released last month ;)
📺 Videos/Podcasts
- Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge - link
- The Hunt for CVE-2023-0286: Replicating OpenSSL's Latest Vulnerability - link
📝 Blogposts/Papers/Slides
- Taking the next step: OSS-Fuzz in 2023 - link
- Reachable Coverage: Estimating Saturation in Fuzzing - paper
- Research for Practice: The Fun in Fuzzing - paper
- Icicle: A Re-Designed Emulator for Grey-Box Firmware Fuzzing - paper
- Fuzzers for stateful systems: Survey and Research Directions - paper
- Behind the Scenes: How we are securing our new PDF stack - link
- Harness the Power of Cannoli: Implementing a Program Backtrace - link
- Can sanitizers find the two bugs I wrote in C++? - link
- Fuzzing ATM/POS protocols like a Boss - link
- One Weird Trick to Improve Bug Finding With ASAN - link
- cURL audit: How a joke led to significant findings - link
- Invariant Testing WETH With Foundry - link
- Replicating CVEs with KLEE - link
- CODAMOSA: Escaping Coverage Plateaus in Test Generation with Pre-trained Large Language Models - paper
- How To Fuzz JavaScript With Jest And Jazzer.js - link
⚙️ Tools/Repositories
- LibAFL 0.9.0 is out - link