OSS-Fuzz integrations via agent-based build generation
OSS-Fuzz integrations via agent-based build generation.
Automating OSS-Fuzz integrations using an agentic approach to build generation: blog.oss-fuzz.com/posts/oss-fu...
Fuzzing at scale requires a solution for build script generation, and an LLM-based agentic approach looks promising for this. It too works well with OFG's harness gen capabilities π€
27.05.2025 08:06 β π 1 π 0 π¬ 0 π 0
Weβre hiring Vulnerability Researchers at @infosectcbr.bsky.social that specialise in Linux, OS kernels, Android, and embedded/IoT. With a world class hardware lab, come join our friendly and collaborative team, focusing on research against leading technologies. DM for details.
30.04.2025 08:05 β π 6 π 2 π¬ 0 π 1
Awesome job by my PhD student @gabriel-sherman.bsky.social presenting his work on Oracle-guided C Fuzzing Harness Generation! @icseconf.bsky.social
TLDR; 41 new bugs (40 now patched)... with 0 false positives!
30.04.2025 16:15 β π 8 π 1 π¬ 1 π 0
GoLibAFL β Fuzzing Go binaries using LibAFL
Nils Ollrogge, Bruno Produit
Using #LibAFL to fuzz @golang.org binaries with a proper modern fuzzer ππ
Super cool stuff by @srlabs.bsky.social
www.srlabs.de/blog-post/go...
16.04.2025 12:28 β π 14 π 3 π¬ 0 π 0
Slava Ukraini πΊπ¦
28.02.2025 18:20 β π 35051 π 4574 π¬ 402 π 97
#FUZZING'25 CALL FOR PAPERS
ββββββ
β¨ New OC members:
* Ruijie Meng (@ruijiemeng.bsky.social; NUS)
* Rohan Padhye (@rohan.padhye.org; CMU).
β¨ New paper type: Fuzzing Nuggets (short papers).
π fuzzingworkshop.github.io
π
20.March (Submission)
π
17.April (Notification)
π
28.June (Workshop)
17.02.2025 18:40 β π 18 π 11 π¬ 1 π 0
Minimal LLM-based fuzz harness generator
Auto generating #fuzzing harnesses by way of program analysis and #LLMs! New blog post "Minimal LLM-based fuzz harness generator": adalogics.com/blog/minimal...
We show how you can generate a sophisticated fuzz harness synthesis tool with a few lines of code.
18.02.2025 12:46 β π 0 π 0 π¬ 0 π 0
Yeah, it's relatively new -- we've worked 2-3 months on it from starting with tree-sitter, but have made good strides. FI already supports C/C++/Rust/golang and java. Mileage may vary between languages, but we're going to try and see how far tree-sitter can get us. More posts coming up shortly!
15.02.2025 23:07 β π 1 π 0 π¬ 1 π 0
TIL Fuzz Introspector has moved to tree-sitter and a Python library. Cool!
15.02.2025 01:42 β π 5 π 2 π¬ 1 π 0
Fuzz Introspector: enabling rapid fuzz introspection tool development
"Fuzz Introspector: enabling rapid fuzz introspection tool development" -- a new blog post on Fuzz Introspector and how it is moving into supporting analysis as a pure python library. #fuzzing #program-analysis See the blog post: adalogics.com/blog/fuzz-in...
14.02.2025 13:07 β π 3 π 1 π¬ 0 π 1
The Virtue of Simplicity
On January 24, 2025, I was invited to give a commencement speech for the graduates of Passau University. My speech focused on the βvirtue of simplicityβ, reflecting on the role of simplicity in scienc...
Yesterday, I gave a commencement speech for the graduates of #Passau University. "The virtue of simplicity" reflected on the role of simplicity in science, both personal and universal, and how it is important for the future career of graduates. Enjoy! andreas-zeller.info/2025/01/25/T...
25.01.2025 07:38 β π 13 π 2 π¬ 1 π 0
Senior Security Engineer, Security Research β Google Careers
Project Zero is hiring π
No need to tell y'all that the team is awesome
08.01.2025 10:23 β π 47 π 20 π¬ 0 π 0
βAFLNet Five Years Later: On Coverage-Guided Protocol Fuzzingβ
A look back at the last five years since the release of AFLNet, βthe first code- and state-coverage-guided protocol fuzzer.β
arxiv.org/abs/2412.20324
03.01.2025 03:08 β π 9 π 4 π¬ 0 π 0
Waitress turned Congresswoman for the Bronx and Queens. Grassroots elected, small-dollar supported. A better world is possible.
ocasiocortez.com
Senior Staff Eng @ Google Open Source Security.
OSS-Fuzz, OSV.dev
EU regulatory authority working for public and animal health.
We ensure that all medicines available on the EU market are high quality, safe and effective. Based in Amsterdam.
https://www.ema.europa.eu/
Professor at University of Melbourne and School of Computing and Information Systems cyber lead; Director @dsi-vic.bsky.social; Oxford DPhil (@compscioxford.bsky.social; @hertfordcollege.bsky.social). Cyber, verification, etc. He/him
Fuzzing; Vulnerability Research;
Deep Learning; Reverse Engineering
Training & Publications @ http://fuzzing.io
Hacking the planet since 1995
Undercurrents.io BOFH
I'll stop the world and melt with you
Substack: http://lcamtuf.substack.com/archive
Homepage: http://lcamtuf.coredump.cx
Software researcher at https://cispa.de, working on #Fandango, #S3, #FuzzingBook, #DebuggingBook. Testing, debugging, analyzing, and protecting software for a better world. Find me at https://andreas-zeller.info/
"I'm interested in all kinds of astronomy."
https://scrapco.de
Mostly cross-posting from Fediverse: @buherator@infosec.place
fuzzing enjoyer
@novafacing@haunted.computer
Security @Google, Personal Account.
Cyber Response Italian Supercazzola Technology Officer at
@mhackeroni Inc. Writing your favourite fuzz testing tools with
@aflplusplus. Security research at ο£Ώ.
We want to make fuzzing better and better
Follow for updates on AFL++ & LibAFL
Security researcher with an interest in formal methods.
Building fuzzers @ Interrupt Labs |
Teaching @ Australian National University
https://adrian-herrera.com
melee, cybersecurity, leftism
Privacy Researcher based in GΓΆttingen, Germany, previously working on Kernel Fuzzing @ TU Darmstadt.
AI researcher at XBOW. Security, RE, ML. PGP http://keybase.io/moyix/
Vulnerability researcher | Fuzzing | Anything low-level excites me | Admin @ https://0x00sec.org | My tweets are my own | Blog: https://0x434b.dev
Security Engineer @ Cloudflare,
ex-Google ISE,
I use bad software and bad machines for the wrong things.
My writing: https://carstein.github.io
