unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
PDF is Broken: a justCTF Challenge
Trail of Bits sponsored the recent justCTF competition, and our engineers helped...
2021-02-02 21:50:28 | 阅读: 237 |
收藏
|
blog.trailofbits.com
polyfile
mutool
fstream
0x1337
binwalk
Breaking Aave Upgradeability
On December 3rd, Aave deployed version 2 of their codebase. While we were not hir...
2020-12-17 01:01:55 | 阅读: 248 |
收藏
|
blog.trailofbits.com
proxy
aave
sol
lendingpool
Reverie: An optimized zero-knowledge proof system
Zero-knowledge proofs, once a theoretical curiosity, have recently seen widesprea...
2020-12-14 21:50:27 | 阅读: 236 |
收藏
|
blog.trailofbits.com
prover
mpc
players
reverie
verifier
High-fidelity build instrumentation with blight
TL;DR: We’re open-sourcing a new framework, blight, for painlessly wrapping and i...
2020-11-25 23:38:10 | 阅读: 289 |
收藏
|
blog.trailofbits.com
blight
invocation
wrapping
frontend
compilers
Smart (and simple) ways to prevent symlink attacks in Go
After writing Go for years, many of us have learned the error-checking pattern do...
2020-11-24 22:00:04 | 阅读: 264 |
收藏
|
blog.trailofbits.com
ioutil
openfile
isnotexist
truncation
nofollow
Good idea, bad design: How the Diamond standard falls short
TL;DR: We audited an implementation of the Diamond standard proposal for contract...
2020-10-31 02:19:18 | 阅读: 286 |
收藏
|
blog.trailofbits.com
diamond
facet
proposal
proxy
Efficient audits with machine learning and Slither-simil
by Sina Pilehchiha, Concordia UniversityTrail of Bits has manually curated a wea...
2020-10-23 20:00:51 | 阅读: 238 |
收藏
|
blog.trailofbits.com
slither
solidity
simil
slithir
Let’s build a high-performance fuzzer with GPUs!
by Ryan Eberhart, Stanford UniversityTL;DR: Can we use GPUs to get 10x performan...
2020-10-22 19:00:14 | 阅读: 302 |
收藏
|
blog.trailofbits.com
memory
fuzzer
gpus
i64
remill
Osquery: Using D-Bus to query systemd data
by Rachel Cipkins, Stevens Institute of TechnologyDuring my summer internship at...
2020-10-14 21:00:17 | 阅读: 304 |
收藏
|
blog.trailofbits.com
osquery
dbus
asciinema
systemd1
freedesktop
Detecting Iterator Invalidation with CodeQL
by Kevin Higgs, Montgomery Blair High SchoolIterator invalidation is a common an...
2020-10-09 21:30:22 | 阅读: 311 |
收藏
|
blog.trailofbits.com
iterator
lld
itergator
splices
PrivacyRaven Has Left the Nest
By Suha S. Hussain, Georgia TechIf you work on deep learning systems, check out...
2020-10-08 21:00:36 | 阅读: 274 |
收藏
|
blog.trailofbits.com
substitute
inference
membership
inversion
Graphtage: A New Semantic Diffing Tool
Graphtage is a command line utility and underlying library for semantically compa...
2020-08-28 20:00:27 | 阅读: 229 |
收藏
|
blog.trailofbits.com
graphtage
canonical
zab
Using Echidna to test a smart contract library
In this post, we’ll show you how to test your smart contracts with the Echidna fu...
2020-08-17 20:00:17 | 阅读: 243 |
收藏
|
blog.trailofbits.com
memory
library
crytic
echidna
Sinter: New user-mode security enforcement for macOS
TL;DR: Sinter is the first available open-source endpoint protection agent writte...
2020-08-12 14:41:16 | 阅读: 246 |
收藏
|
blog.trailofbits.com
sinter
security
client
monitoring
Accidentally stepping on a DeFi lego
The initial release of yVault contained logic for computing the price of yUSDC th...
2020-08-05 20:00:03 | 阅读: 255 |
收藏
|
blog.trailofbits.com
usdc
musd
bpt
yusdc
balancer
Contract verification made easier
Smart contract authors can now express security properties in the same language t...
2020-07-13 04:00:46 | 阅读: 242 |
收藏
|
blog.trailofbits.com
manticore
verifier
symbolic
balances
exploration
Advocating for change
As a company, we believe Black lives matter. In the face of continued police brut...
2020-06-18 06:33:17 | 阅读: 305 |
收藏
|
blog.trailofbits.com
police
nyc
policing
protest
Upgradeable contracts made safer with Crytic
Upgradeable contracts are not as safe as you think. Architectures for upgradeabil...
2020-06-12 20:50:52 | 阅读: 224 |
收藏
|
blog.trailofbits.com
crytic
proxy
upgradeable
mytoken
ECDSA: Handle with Care
The elliptic curve digital signature algorithm (ECDSA) is a common digital signat...
2020-06-11 20:50:20 | 阅读: 325 |
收藏
|
blog.trailofbits.com
ecdsa
nonces
inv
sn
elliptic
How to check if a mutex is locked in Go
TL;DR: Can we check if a mutex is locked in Go? Yes, but not with a mutex API. H...
2020-06-09 20:50:53 | 阅读: 240 |
收藏
|
blog.trailofbits.com
mutex
mutexlocked
rwmutex
Previous
11
12
13
14
15
16
17
18
Next