Fuzzing Weekly
02. December 2022 | CW48
How would an attacker remotely take over a personal Linux or Android device? Or send a malicious link and get code execution through the browser? In this article, Andrey Konovalov explains how he extended a kernel fuzzer called syzkaller for this purpose, and how he managed to find a one-shot RCE in a non-public kernel flavor. Learn more.
From: Andrey Konovalov
American Fuzzy Lop (AFL) is a popular fuzzer, traditionally used to find bugs in C and C++ code. python-afl and aflgo have adapted AFL for use with Python and Go, and now afl-ruby does the same for Ruby. Here’s how it works. Learn more.
From: Richo Healy & Robert Heaton
In Other News
- Car Hacking: The Sirius XM Software Vulnerability
Newly revealed research shows that a number of major car brands, including Honda, Nissan, Infiniti, and Acura, were affected by a previously undisclosed security bug that would have allowed a savvy hacker to hijack vehicles and steal user data. Learn more.
From: Sam Curry
- New CLI Tool Allows Java Devs to Add Fuzzing to JUnit
CI Fuzz CLI now allows Java developers to incorporate fuzz testing into their existing JUnit setups. Learn more.
From: John Waters
This Week's Discussions
- How to Use Libfuzz on a C Project That Is Not a Library
From: niklbird
New Tutorial
- Burp Suite - Fuzzing for Credentials
From: CyberPro Tec
- Fuzzing Java Applications With CI Fuzz CLI using Maven
From: Code Intelligence
Fuzzing Jobs
- Security Fuzzing and Code Security Assessment Engineer
EPAM Systems, Remote Job
- Principal Language Fuzzing Engineer
Epic Games, Remote Job
Code Intelligence, Rheinwerkallee 6,
Bonn, NRW 53227, +49 228 28695830