Andrey Fedotov
@anfedotoff
Followers: 52
Following: 545
Media: 7
Statuses: 101
Computer scientist, Ph.D.
Moscow, Russia
Joined December 2020
CASR is open-sourced: https://t.co/32nMnNd60I
Triage crashes, estimate their severity, and collect reports.
cargo install casr
#rust #fuzzing
github.com
Collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity. - ispras/casr
🐝New Cilium Contributor🐝 The newest Cilium contributor is @anfedotoff. They helped add support for user mode stack traces in events. https://t.co/ACIFlXGQPS
github.com
Hi 👋! I was inspired by #1429 and decided to add the ability to collect user mode stacktraces. User-mode stacktraces allow you to enrich information about events and understand why this event...
The blog post about the libwebp vulnerability fuzzing is up, it explains how I set up the experiment, how the crash was found and why oss-fuzz was not able to find it: https://t.co/wuwK2Vj6VO
#fuzzing @metzmanj
srlabs.de
The question the fuzzing community and we were asking – is it possible to find this specific vulnerability with fuzzing? And if so, why was it not found in Google's OSS-Fuzz initiative? This article...
As there is quite some interest about finding the libwebp bug with fuzzing, I will write a blog entry about this next week #fuzzing
My talk about #casr at OFFZONE 2023!!! Slides: https://t.co/iXChrPv0pq Video (in Russian): https://t.co/A3wJ6m3eFL
#fuzzing
Simply deduplicate and create reports for #UndefinedBehaviorSanitizer warnings with Casr:
casr-ubsan -i corpus -o out -- /fuzz_target @@
https://t.co/5OA6MaBpnT
#casr #defectdojo #vulnerabilitymanagement #VulnerabilityAssesment #AppSec #DevSecOps
Almost a year after my defense, my PhD thesis "Automated Security Testing of Unexplored Targets Through Feedback-Guided Fuzzing" is now archived on the university server 🎉 We fuzzed Nvidia drivers, TCP servers, basebands, WebAssembly, ... Enjoy reading :) https://t.co/aBHy2X74iP
casr-dojo: upload new and unique #crash reports found by #fuzzing to the @defectdojo vulnerability management system: https://t.co/aa1RDRIOzx
#casr #defectdojo #vulnerabilitymanagement #VulnerabilityAssesment #AppSec #DevSecOps #cpp #rust #go #python
https://t.co/uPqN39esnI
#casr 2.6.0, what's new:
casr-libfuzzer tool for triaging crashes found by libFuzzer-based fuzzers (C/C++/go-fuzz/Atheris)
kodama crate for clustering instead of python scipy
RISCV support
#fuzzing
github.com
casr-libfuzzer tool for triaging crashes found by libFuzzer-based fuzzers (C/C++/go-fuzz/Atheris)
kodama crate for clustering instead of python scipy
riscv support
clap 4.2 for options parsing
Spice up your binary program analysis with TritonDSE! A blog post by Christian Heitman and @RobinDavid1 introducing our framework for Dynamic Symbolic Execution in Python #symexec #fuzzing #opensource
https://t.co/fay9SlKee7
I wish tutorial articles would all have a date when they got published and last updated. Followed a tutorial which was not working, spent time trying to fix it and then found out the API had been changed in 2017.
As it turns out, compilers happily spill the index for indirect jumps through a jump table after bounds checking, creating a TOCTTOU race for arbitrary control-flow hijacking. Check out our @HexHiveEPFL @IEEESSP "WarpAttack" paper: https://t.co/hBYmGqeh0N
casr-libfuzzer: triage crashes in C/C++/Go/Python code found by libFuzzer/Atheris/go-fuzz
casr-libfuzzer -o out -- /fuzz_target
https://t.co/WK4Ewx597O
#casr #fuzzing #libfuzzer #atheris #go #python #cpp
https://t.co/T0DROqYK9Z
#casr 2.5.0, what's new:
#libcasr: library for crash triage, stacktrace parsing, severity estimation, and collecting crash reports.
Crash triaging for Go panics
AARCH64 support
#fuzzing
github.com
libCASR: a library for triaging and severity estimation of crashes
crash triaging for Go panics
crash triaging for AARCH64 binaries
improved stacktrace filtering
added environment variables to casr...
Excited to present a new(?) approach to #fuzzing where one doesn't need to write fuzz functions. Wanna fuzz all binaries on github - no problem. Just give the fuzzer binaries to test. No false positives & 100% fidelity. Blender: whole-program fuzzing: https://t.co/K0ZQw2L1As
Very nice collection of publications about #fuzzing:
google.github.io
Documentation for FuzzBench
My blog post about #fuzzing #go project golang/image: https://t.co/36RtuAMlBR
0. Changing existing fuzz target to find new bugs.
1. Approach for code coverage collection after fuzzing with go-fuzz libFuzzer.
2. Go panic triage with #casr.
3. Fix:
github.com
OSS-Sydr-Fuzz - OSS-Fuzz fork for hybrid fuzzing (fuzzer+DSE) open source software. - ispras/oss-sydr-fuzz
Auto-fuzz: we recently pushed a tool for auto generation of Python #fuzzers and #OSS-Fuzz integrations. Early days, but it can create some valid integrations and many pieces will come together in the near future -- follow along :)! https://t.co/jWbT3ywzUf
Not the first time I'm convinced that using more than one fuzzer/symbolic executor is a good idea. Just used @aflplusplus on known image-rs targets and found some issues: https://t.co/9qxvgHWVfp
https://t.co/EiLcpm6jSA
#fuzzing
github.com
Hi! I've been fuzzing image-rs crate with AFL++ using this fuzz target and found a capacity overflow. I think it is better not to panic if we couldn't allocate memory. So, I tried t...
We just released Fuzzilli v0.9.3: https://t.co/3kbRSBpBsq ... and more cool stuff is coming soon :) Happy Fuzzing!
github.com
Besides various bug fixes and stability/performance improvements, notable new features of this release include:
The new ProbingMutator
An improved lifting algorithm that can inline expression and ...