Fuzzing Weekly
27. January 2023 | CW4
Antiviruses act as a last mitigation for regular users and a challenge for attackers. However, to bypass the detection mechanisms, attackers can apply various heuristic tricks like binary packing, custom obfuscation, etc. So, we decided to venture into one of the most widely used antiviruses: Windows Defender. In this post, we analyze Windows Defender and the root cause of the bug that we found through fuzz testing. Learn more.
From: Daejin Lee, Seunghoe Kim, Donguk Kim, Eugene Jang
This paper details the design and usage of a grammar-based fuzzing framework and applies it to the Link Layer Discovery Protocol (LLDP), which is commonly used by industrial networking equipment. Learn more.
From: Leon Fernandez, Gunnar, Karlsson, Daniel Hübinette
In Other News
- Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)
Two out-of-bounds memory issues found it git. What can users mitigate this vulnerability, and what are best practices to improve git security? Learn more.
From: Zeljka Zorz
- Explaining Fuzz Testing Without Using Any Code
Fuzzing is becoming a thing on TikTok and YouTube Shorts. Here's an example. Learn more.
From: GrandmasterFuzz
This Week's Discussion
- Pycurl Error 6: Could Not Resolve Host: www.google.com
New Tutorial
- Emulated Based Snapshot Fuzzing
From: Joel Engelcrona at 0xFF Sweden
Fuzzing Jobs
- Reverse Engineer
Naval Group, Ollioules, France
- Pentester
IDEMIA, Osny, Île-de-France, France
Code Intelligence, Rheinwerkallee 6,
Bonn, NRW 53227, +49 228 28695830
Unsubscribe Manage preferences