David Moore in Fuzz Stati0n
Fuzz Stati0n Pivots to Node JS
Do you drive a car or use a smart phone? If so, every day you run a vast amount of software — over 100 million lines of code. We live in a…
Jan 4, 2018

David Moore in Fuzz Stati0n
Preparing an Application for AFL-Fuzz
To fuzz test a C or C++ application for security vulnerabilities and crashes there are a few things that should happen first:
Oct 2, 2017

David Moore in Fuzz Stati0n
What is “Continuous Fuzzing”?
Fuzz testing is a dynamic technique that bombards a target application with crafted input to force the execution of unanticipated paths…
Sep 21, 2017

David Moore in Fuzz Stati0n
Breaking Ruby’s Unmarshal with AFL-Fuzz
I found an integer overflow in the rb_str_modify_expand() function (from string.c) of the Ruby MRI interpreter by fuzzing the Marshal.load…
Sep 13, 2017

David Moore in Fuzz Stati0n
Fuzz Testing: Choosing a Seed File for AFL
Mutational fuzzers such as AFL require an initial input file — this file will be mutated many times by the fuzzer in an effort to find bugs…
Sep 1, 2017

David Moore in Fuzz Stati0n
Quick-start: Fuzzing with AFL
Fuzz test the deliberately vulnerable C program: Fuzzgoat.
Aug 22, 2017

David Moore in Fuzz Stati0n
What Applications Should Be Fuzz Tested?
Several factors indicate that an application is a good candidate for fuzz testing:
Jul 24, 2017