Using editor extensions to bookmark parts of code, generating control flow diagrams, reading 50-page documentation before checking out the code, spending days setting up fuzzers vs Reading a code line by line and finding bugs

¿Buscas vulnerabilidades en protocolos? 🐛 boofuzz, el sucesor moderno de Sulley, te permite crear potentes fuzzers con Python para automatizar tu búsqueda de bugs. ¡Imprescindible para tu arsenal de pentesting! 🐛💻 [#boofuzz #Fuzzing #HackingEtico #Ciberseguridad]

🚀 Fuzzers / Brute Forcers Tools which focus on throwing 'bad stuff' at things - the user typically has to work out if it sticks. #bugbounty #bugbountytips #bugbountytip #hackerone #bugcrowd #infosec #cybersecurity #pentesting #redteam #informationsecurity #securitycipher

Fuzzers (Echidna/Medusa/Foundry) vs @CertoraInc - solvers for a denial of service to an `executeFlashLoan()` function which shouldn't revert if the reasonable preconditions are satisfied. The Fuzzers are written in pure Solidity and require a manual setup, but the actual

Fuzzers (using Chimera) vs Certora #2 - Proposal voting The Certora solver is more concise than the fuzzers especially since no "setup" is required, but the way Certora solves it is very different to the fuzzers. Originally I wrote the Certora invariant just like the fuzzers

Most AI tools in security today aren’t discovering new issues. They’re reranking output from static scanners or fuzzers. That’s helpful, especially post-deployment. But pre-deployment? Accuracy matters more than automation. Slapping AI on bad tools just gives you faster bad

Also, I just realized I forgot to share the winner of the week before last, Cat on Moon by Truong Thi Kim Que!! 😄🌜🐈‍⬛ I love it because it reminds me of my little spooky fuzzers! Do you have any pets??

Fuzzers guess. Predator™ plans. Predator™ doesn’t randomly crash contracts – it learns how to break them. That’s the difference between fuzzing and real security.🔒

Using large language models as fuzzers :D I'm writing a Rust framework to allow any LLM to interface with any command line tool (maybe GUI at some point?) and use it autonomously to execute a given task. Goal: find an input for which the executable crashes. Llama3:7B ->

Want to find bugs faster? These 5 tips will save you hours👇 1️⃣ Fuzz before reverse engineering Reverse engineering takes time. Quick fuzzing can immediately expose bugs, helping you prioritize where to dig deeper. Let the crashes guide your RE path. 2️⃣ Use simple fuzzers

highly recommend this video, and try to spot where symbolic execution and fuzzers fit in the picture

Security Phd: run fuzzers for days and get an unexploitable bug 🤡 Game console players: look at the fbsd kernel for 15 minutes and find a race-condition based UAF 😎 https://t.co/RXr5dhoxbL

Web3 security pros use the best tools. Stop hunting bugs with basic kit. This curated list of fuzzers, verification, and monitoring techniques is the alpha you need. 👇 https://t.co/ix3CIHzOv2

Pro fuzzers bend the probabilities that rare events happen at. Let's say your contracts act one way most of the day, and a different way for one block. Normal fuzzing might barely test the second kind because it randomly happens so rarely. But it might be most of the code. 1/2

Traditional fuzzers miss deep bugs in modern software. Without feedback, they waste cycles on already-tested paths. Here are 5 advantages of coverage-guided fuzzing and why it's a game-changer for vulnerability discovery👇 1️⃣ Smarter Input Selection Coverage-guided fuzzers

both floor vacuums and fuzzers show more intelligent pathing isn't as useful as slippery cat-like persistence solving problems with fat wordcel poets pretrained on humanity's cultural prior (rather than arbitrary SGD RL) is definitely one of the good futures

This hack seemed to somehow enable fuzzers to send pseudo-random eth amounts and print unlimited amounts of $TRU The fuzzing bots are eating this up like piranhas

Fuzzers are only as effective as the code they touch. That’s why building a harness can make or break your fuzzing workflow. Here are 5 key reasons why fuzzing harnesses are essential for modern bug hunting👇

There is a city named Asan in Korea where you can bring your fuzzers and get reports.