Happy to share our work "Cottontail: LLM-Driven Concolic Execution for Structured Test Input Generation" will appear in S&P'26! Paper: https://t.co/vIxZD5BGE2 Code: https://t.co/NxuD4wwNF4 Special thanks to @nim_gnoes_eel, @JNUYUXIAN, @spinpx, @LingxiaoJiang, and @mboehme_ ♥️

(Prompt) Fuzzing is fundamentally a form of inference scaling law.

What happens if you write buggy code and misconfigure the experimental setup when evaluating a fuzzer’s performance? Wrong and misleading conclusion! We found several fatal bugs and wrong experimental settings in MLFuzz ( https://t.co/OrM4Q8ns1a, a revisit work on NEUZZ published

Interesting findings in SEIP accepted paper list.

Here is one original draft wrote at two years ago:

https://t.co/X4u8bPKPYZ I and Wei Cao did most of this work and wrote the first draft while we were at Ant Group. However, they removed us from the author list. Sad story. This work is shepherd by Alex Liu. However, he is not in the list, too.

@AndreasZeller @ririnicolae @MaxCamillo @FSEconf Andreas, you are a renowned researcher in the fuzzing community, and your fuzzing book is amazing. But this work draws a completely WRONG conclusion due to the careless comparison of file-retrieval fuzzer against in-memory fuzzer, where the fuzzing throughput gap is up to 10X

Hopper supports LLVM instrumentation now.

Hopper is released at:

We presented HOPPER, which generates fuzzing test cases for libraries automatically via interpretative fuzzing. It transforms the problem of library fuzzing into the problem of interpreter fuzzing. The paper can be found at

Our recent work on fuzzing nested branches:

binutils, tcpdump, mupdf, ffmpeg are the most popular programs in evaluation of fuzzing papers. 🙂🙂 https://t.co/S7mTUJrom0

@dgryski We do plan to release the software in the future. Whether Angora works with other language depends on taint analysis engine. We used DFSan in the paper, and Angora also supports libdft now.

Congrats to my @TalosSecurity colleague @emd3l and the other accomplished authors of papers accepted at IEEE S&P https://t.co/rRkEPOgGao

Very excited to announce that my first paper “Understanding Linux Malware” was accepted @IEEESSP 2018! A study on more than 10k #Linux #malware documenting challenges and Linux-specific malicious techniques. With @emd3l @reyammer @balzarot

Angora: Efficient Fuzzing by Principled Search.

“We figured out a way to trick your voice assistants to respond to our commands but since it might be too obvious to you if we do that, we embedded our commands in songs, and everytime your voice assistant hears our songs it executes our commands”. 🔥 This is fine 🔥

The list of #NDSS18 accepted papers has it all! #privacy, #security, #automation, #IoT, #TLS, and so much more!

I'll always love how evil programming searches sound unless you know what they mean

Isolation, indeed, this is what @spacemacs is all about regarding configuration of hundreds of packages.