KTH / devops-course

Repository of the DevOps course at KTH Royal Institute of Technology DD2482

Fuzzing #78

Closed monperrus closed 2 years ago

monperrus commented 5 years ago

References:

monperrus commented 5 years ago

Google OSS-fuzz https://opensource.google.com/projects/oss-fuzz https://github.com/google/oss-fuzz

monperrus commented 5 years ago

CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines https://daramg.gift/paper/han-ndss2019.pdf

bbaudry commented 5 years ago

fuzzing for JavaScript engines https://saelo.github.io/presentations/offensivecon_19_fuzzilli.pdf

monperrus commented 5 years ago

"Whitebox fuzzing has found one-third of all file fuzzing bugs during the development of Windows 7, saving millions of dollars in potential security vulnerabilities. The technique is in use today across multiple products at Microsoft."

Billions and Billions of Constraints: Whitebox Fuzz Testing in Production https://patricegodefroid.github.io/public_psfiles/icse2013.pdf

monperrus commented 5 years ago

AFL won the competition! AFL is a greybox fuzzer.

More on greybox fuzzing: https://www.fuzzingbook.org/html/GreyboxFuzzer.html
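To make the "greybox" label concrete, here is a small coverage-guided fuzzer in the style of AFL, written as an added illustration for this thread (not code from AFL, the fuzzingbook, or this course). Greybox fuzzers do not reason about the program symbolically (whitebox) nor run fully blind (blackbox): they instrument the target to observe which code each input reaches, and keep only inputs that reach something new, so the corpus gradually walks deeper into the parser. The target `parse_record`, its planted length-field bug, and the seed input are all constructed for the example; `sys.settrace` stands in for AFL's compile-time instrumentation.

```python
import random
import sys
from typing import Callable, List, Optional, Set, Tuple

# Constructed toy target (hypothetical, not from any project linked in the
# thread): a record parser with a planted defect. The three prefix checks
# create "depth" that a blind random fuzzer rarely reaches, while the trusted
# length byte at the end is the bug we want coverage feedback to surface.
def parse_record(data: bytes) -> int:
    if len(data) < 4:
        return 0
    if data[0] != ord("F"):
        return 1
    if data[1] != ord("Z"):
        return 2
    if data[2] != ord("Z"):
        return 3
    length = data[3]
    payload = data[4:]
    # Planted bug: the length field is trusted instead of checked against the payload.
    if length > len(payload):
        raise IndexError("length field exceeds payload size")
    return 4


def run_with_coverage(target: Callable[[bytes], int],
                      data: bytes) -> Tuple[Set[int], Optional[BaseException]]:
    """Run target(data) once and record which source lines of target executed.
    This is the greybox 'feedback' signal, standing in for AFL's edge counters."""
    covered: Set[int] = set()

    def tracer(frame, event, arg):
        if event == "line" and frame.f_code is target.__code__:
            covered.add(frame.f_lineno)
        return tracer

    sys.settrace(tracer)
    try:
        target(data)
        exc = None
    except Exception as e:  # an uncaught exception is the 'crash' in this toy setting
        exc = e
    finally:
        sys.settrace(None)
    return covered, exc


def mutate(rng: random.Random, data: bytes) -> bytes:
    """One random byte-level mutation: bit flip, byte overwrite, insert or delete."""
    buf = bytearray(data)
    op = rng.randrange(4)
    if op == 0 and buf:
        buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
    elif op == 1 and buf:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif op == 2:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    elif op == 3 and len(buf) > 1:
        del buf[rng.randrange(len(buf))]
    return bytes(buf)


def greybox_fuzz(target: Callable[[bytes], int], seeds: List[bytes],
                 max_iters: int = 100_000, rng_seed: int = 1):
    """Coverage-guided loop: inputs that reach new lines join the corpus, inputs
    that raise are recorded as crashes. Returns (corpus, crashes)."""
    rng = random.Random(rng_seed)
    corpus: List[Tuple[bytes, Set[int]]] = []
    total_cov: Set[int] = set()
    crashes: List[Tuple[bytes, BaseException]] = []
    for s in seeds:
        cov, _ = run_with_coverage(target, s)
        total_cov |= cov
        corpus.append((s, cov))
    for _ in range(max_iters):
        # Favour the entry with the most coverage half the time (a crude stand-in
        # for AFL's queue prioritisation); otherwise pick uniformly.
        if rng.random() < 0.5:
            parent = max(corpus, key=lambda e: len(e[1]))[0]
        else:
            parent = rng.choice(corpus)[0]
        child = parent
        for _ in range(rng.randint(1, 3)):
            child = mutate(rng, child)
        cov, exc = run_with_coverage(target, child)
        if exc is not None:
            crashes.append((child, exc))
            break  # stop at the first crash for this demonstration
        if cov - total_cov:  # feedback: keep only inputs that reach new code
            total_cov |= cov
            corpus.append((child, cov))
    return [e[0] for e in corpus], crashes


if __name__ == "__main__":
    found_corpus, found_crashes = greybox_fuzz(parse_record, [b"AAAA"])
    print("corpus size:", len(found_corpus))
    for inp, err in found_crashes:
        print("crash:", inp, "->", type(err).__name__, err)
```

Run it and watch the corpus grow one prefix byte at a time: each input that passes one more check executes a line nobody has seen before, so it is kept and becomes the parent of later mutations. Without the feedback step (delete the `if cov - total_cov` branch and always mutate the seed), the same loop must hit three specific bytes by luck at once, which is why blackbox fuzzing stalls on exactly this kind of parser and why the thread's competition result for AFL is not surprising.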

monperrus commented 5 years ago

EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers "we implement EnFuzz , a prototype basing on four strong open-source fuzzers (AFL, AFLFast, AFLGo, FairFuzz)" https://arxiv.org/abs/1807.00182

bbaudry commented 4 years ago

The LAVA Synthetic Bug Corpora https://moyix.blogspot.com/2016/10/the-lava-synthetic-bug-corpora.html