Hey,
Happy New Year 🎉 and all the best for 2024!
Here is the latest fuzzing news released last month!
📺 Videos/Podcasts
USENIX Security '23 - Forming Faster Firmware Fuzzers - https://www.youtube.com/watch?v=mLnLs6tA7bM
IPFS OSINT & Blockchain CTI: Exploring IPFS Data Collection & Analysis - https://youtu.be/Pp_3t2VV1W0
How to use vulhub - Dockerized Vulnerability Replication - https://www.youtube.com/watch?v=z0W3tfNQ-XQ
Fuzz Everything, Everywhere, All at Once: Advanced QEMU-based fuzzing - slides: https://fahrplan.events.ccc.de/congress/2023/fahrplan/system/event_attachments/attachments/000/004/435/original/aflplusplus-ccc-libafl_emu_%282%29.pdf / video: https://media.ccc.de/v/37c3-12102-fuzz_everything_everywhere_all_at_once
Fuzzing the TCP/IP stack - video: https://media.ccc.de/v/37c3-12235-fuzzing_the_tcp_ip_stack
📝 Blogposts/Papers/Slides
Semantic fuzzing of the Rust compiler and interpreter - https://ethz.ch/content/dam/ethz/special-interest/infk/inst-pls/plf-dam/documents/StudentProjects/MasterTheses/2023-Andy-Thesis.pdf
tmpout vol3 - "silver bullet to elf consumer projects" (fuzzing projects that take ELFs as input) - https://tmpout.sh/3/09.html
Fuzzing WeChat’s Wxam Parser - https://signal-labs.com/fuzzing-wechats-wxam-parser/
A LibAFL Introductory Workshop - https://www.atredis.com/blog/2023/12/4/a-libafl-introductory-workshop
Revisiting Neural Program Smoothing for Fuzzing - https://dl.acm.org/doi/pdf/10.1145/3611643.3616308
Fuzzing: The Age of Vulnerability Discovery - https://fuzzing.io/hushcon23.pdf
Structure-Aware Fuzzing With AFL - https://devilinside.me/blogs/afl-structure-aware-fuzzing-protobuf-mutator
Lost in Translation: A Study of Bugs Introduced by Large Language Models while Translating Code: paper - https://arxiv.org/abs/2308.03109, code - https://github.com/Intelligent-CAT-Lab/PLTranslationEmpirical
⚙️ Tools/Repositories
kudelskisecurity/fuzzomatic: Automatically fuzz Rust projects from scratch using AI - https://github.com/kudelskisecurity/fuzzomatic
tsffs: A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS - https://github.com/intel/tsffs
See you next month and take care!
📡 Fuzzinglabs Socials: Twitter | Telegram | YouTube
Patrick