• FuzzyAI: Attacking LLMs With Coverage-Guided Fuzzing – https://youtu.be/hBPiiaUiOH8?si=nUE5JHVrdFxgQbR5

• Your NVMe Had Been Syz’ed – https://youtu.be/Jc25CM1Ppgo?si=jsz0Beqpr2nJ6h8g

• Linux Fuzzing Tutorial with AFL Fuzzer – https://www.youtube.com/watch?v=g6BQ-Ae_E4Q

• A Bug Hunter’s Reflections on Fuzzing – https://a13xp0p0v.github.io/img/Alexander_Popov-Reflections_on_Fuzzing.pdf / https://www.youtube.com/watch?v=wTbFmdx7wG8

📝 Blogposts/Papers/Slides

• Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP Driver for Linux with Syzkaller – https://www.cyberark.com/resources/threat-research-blog/your-nvme-had-been-syzed-fuzzing-nvme-of-tcp-driver-for-linux-with-syzkaller

• Coverage guided fuzzing for native Android libraries (Frida & Radamsa) – https://knifecoat.com/Posts/Coverage+guided+fuzzing+for+native+Android+libraries+(Frida+%26+Radamsa)

• Large Language Model guided

  Protocol Fuzzing – https://mboehme.github.io/paper/NDSS24.pdf

• Talos releases new macOS open-source fuzzer – https://blog.talosintelligence.com/talos-releases-new-macos-fuzzer/

• To Boldly Go Where No Fuzzer Has Gone Before: Finding Bugs in Linux’ Wireless Stacks through VirtIO Devices – https://www.computer.org/csdl/proceedings-article/sp/2024/313000a024/1RjEa0y9RMQ

• Everything is Good for Something: Counterexample-Guided Directed Fuzzing via

  Likely Invariant Inference – https://nebelwelt.net/files/24Oakland2.pdf

• Hunting bugs in Nginx JavaScript engine (njs) – https://0xbigshaq.github.io/2024/05/24/njs-vr-bugs/

• Introducing LLM-based harness synthesis for unfuzzed projects – https://blog.oss-fuzz.com/posts/introducing-llm-based-harness-synthesis-for-unfuzzed-projects/

• TSS @ NUS – Fuzz Testing publications: https://nus-tss.github.io/fuzzing/publications/

• Democratizing Fuzzing at Scale – https://drive.google.com/file/d/1lUFIugzEy1eBBWkLDHC_hzRfahZUCZYR/view

• Thread on (counter-)intuitive fuzzing behavior and statistics – https://x.com/mboehme_/status/1795828470221820382

• Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example – https://tsmr.eu/blackbox-fuzzing.html

• • https://github.com/user1342/AutoCorpus: AutoCorpus is a tool backed by a large language model (LLM) for automatically generating corpus files for fuzzing.

  • https://github.com/lus33rr/AyedFuzzer: AyedFuzzer is a small Fuzzer with 3 options (File mutating, WinDbg-interactive monitor, multi-processing) for windows executables

  • Cisco-Talos/snap_wtf_macos: WTF Snapshot fuzzing of macOS targets – https://github.com/Cisco-Talos/snap_wtf_macos

  • https://github.com/seemoo-lab/VirtFuzz: VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernels subsystem. It is built with LibAFL.

Any questions about our services and trainings ?

Get in touch today with any questions that you might have.