Fuzzing Weekly
03. February 2023 | CW5
Google continuously improves OSS-Fuzz’s infrastructure and expands its language support, which covers C/C++, Go, Rust, Java, Python, and Swift. Now, as part of an ongoing collaboration with Code Intelligence, Google has announced support for JavaScript fuzzing through Jazzer.js. Learn more.
From: Oliver Chang
Reachable coverage quantifies the effectiveness of a fuzzer by measuring the number of code elements in its search space. A fuzzer cannot find bugs in unreachable code. Using static analysis, we can estimate reachable coverage, but cannot determine it precisely. In this scientific paper, security researchers propose a statistical approach that improves the accuracy of the estimate as analysis runtime increases. Learn more.
From: Danushka Liyanage, Marcel Bohme, Chakkrit Tantithamthavorn, Stephan Lipp
In Other News
- Google Boosts Bounties for Open-Source Flaws Found Via Fuzzing
On Wednesday, Google increased bounties for fuzzing coverage projects (up to $5,000 per project), and added rewards for some FuzzBench integrations. Max reward per project integration is now $30k. Learn more.
From: Jessica Lyons Hardcastle
- New PhD Scholarship for Fuzzing Researchers Open for Application
Applications for the UQ International PhD Scholarship in Directed Fuzz Testing for Automated Software Bug Detection for the academic year 2023/2024 have been opened by the University of Queensland for all international students in Australia. Learn more.
From: nkejoy
This Week's Discussion
New Tutorial
- Till REcollapse: Fuzzing the Web for Mysterious Bugs
From: 0xacb at NahamCon 2022
Fuzzing Jobs
- Reverse Engineer
Naval Group, Ollioules, France
- Principal Language Fuzzing Engineer
EPIC Games, Cary, NC, US
Code Intelligence, Rheinwerkallee 6,
Bonn, NRW 53227, +49 228 28695830