Gabriel Sherman @gabriel-sherman

Latest posts by gabriel-sherman.bsky.social on Bluesky

Harnessing 101: A Beginner's Guide to Fuzzing Harnesses | Gabriel Sherman As a newcomer to the computer security world working on my first paper, No Harness, No Problem: Oracle-guided Harnessing for Auto-generating C API Fuzzing Harnesses, I inevitably spent countless hours...

Curious about fuzzing but don't know where to start? I wrote my first blog post on how to choose your target, build an AFL++-compatible harness, and avoid common pitfalls.

Check it out:
gabe-sherman.github.io/2025-09-17-b...

18.09.2025 20:18 — 👍 0 🔁 1 💬 0 📌 0

Check it out!
📄 Paper: futures.cs.utah.edu/papers/25ATC.pdf
🛠️ Bin2Wrong: github.com/FuturesLab/Bin2Wrong
💥Some impacts of bugs Bin2Wrong found: binary.ninja/2024/06/19/restructuring-the-decompiler.html

#fuzzing #decompilation

22.05.2025 20:04 — 👍 1 🔁 2 💬 0 📌 0

OGHarn mutationally generates harnesses and uses 3 oracles of behavior to determine both their utility and validity, leading to the discovery of 41 new bugs(with zero false-positive crashes)!

Paper: futures.cs.utah.edu/papers/25ICS...
Source: github.com/FuturesLab/O...

Happy Fuzzing! 🐛

17.03.2025 18:52 — 👍 9 🔁 3 💬 0 📌 0

Need a fuzzing harness? No time to write one? Tired of false-positives? Let OGHarn lead the way to bug discovery!🐞

I'm excited to share my paper(with @snagycs.bsky.social)"No Harness, No Problem: Oracle-guided Harnessing for Auto-generating C API Fuzzing Harnesses" at @icseconf.bsky.social 2025!

17.03.2025 18:52 — 👍 17 🔁 6 💬 1 📌 0

@gabriel-sherman is following 20 prominent accounts

Peter Goodman
@cxx.dev

C++ developer specializing in source and binary program analysis and transformation.

Caroline Lemieux
@cestlemieux

now: Assistant Professing™ in Software Practices Lab at UBC. was: postdoc MSR NYC, phd UC Berkeley. also at https://mastodon.acm.org/@cestlemieux. she/her.

John La Rooy
@johnlarooy

Computing. Science. 3D printing. Melbourne

Andreas Zeller
@andreaszeller

Software researcher at https://cispa.de, working on #Fandango, #S3, #FuzzingBook, #DebuggingBook. Testing, debugging, analyzing, and protecting software for a better world. Find me at https://andreas-zeller.info/

crazy hugsy
@blah.cat

Someone who likes debuggers a bit too much 🇨🇦 • 🇰🇷 • 🇫🇷

Karsten
@gr4yf0x

VR. Can cook a decent Cacio e Pepe. Physicist in a former life.

Kagemusha
@kagemusha1337

Independent vulnerability researcher

mzakocs
@mzakocs

Security Researcher @ ASU SEFCOM

Meysam
@r00tkitsmm

Security Researcher.

Dipesh
@dipeshhh

Interested in Programming Languages and Systems.

Hila Peleg
@hilacodes

Asst. Prof of CS@Technion, program synthesis is all about correctness. PL/SE/HCI, she/her

Hasnain Lakhani
@mhlakhani

I try to learn everything. Views hopefully my own. Nerd (PL, Rust, security, AI, systems, …). Leftist. Covid conscious. AuDHD (probably). YIMBY. Free Palestine.

Marcel Böhme
@mboehme

Software Security @MPI, PhD @NUS, Dipl.-Inf. @TUDresden. Research Group: http://mpi-softsec.github.io

@bsdb0y

Vuln Research @ Qualcomm Product Security

Nathan
@nrutherf

Security Researcher and InfoSec PhD-er

Daniel Klischies
@dklischies

Firmware/OS/Cellular Security Research @ruhr-uni-bochum.de

@nopnopgoose

Bogdan "Bo" Stoica
@cachemisses

Postdoc-ing @ UIUC. Working on systems reliability and efficiency. Opinions, my own. Reposts are not endorsements. Personal website: https://bastoica.github.io/

Eric Eide
@ericeide

Research Associate Professor, University of Utah Kahlert School of Computing • Personal account • Opinions my own, not employer's • RTs not endorsements

dmnk
@dmnk

【ＤΞＣＯＭＰＩＬΞ　ＮΣＶΞＲ】 Android Red Team @google Fuzzing @aflplusplus.bsky.social CTF @enoflag (opinions my own)