VUzzer: application-aware evolutionary fuzzing strategy that does not require any prior knowledge of the application or input format.

https://sharcs-project.eu/m/filer_public/48/8c/488c5fb7-9aad-4c87-ab9c-5ff251ebc73d/vuzzer_ndss17.pdf

https://github.com/vusec/vuzzer #fuzzing #MorteNoir

This post will explain the process of finding and exploiting a previously unknown vulnerability in a real-world piece of software to achieve code execution. The vulnerability was initially found in 2016 and the vendor was contacted however no response was ever received. Now several years later (March 2019 at time of writing), the vulnerability still exists in the latest version.

https://medium.com/@DanielC7/introduction-to-file-format-fuzzing-exploitation-922143ab2ab3

#re #fuzzing #expdev

Fuzzing the Kernel using AFL Unicorn https://github.com/fgsect/unicorefuzz #fuzzing #dukeBarman

DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables https://github.com/googleprojectzero/DrSancov #fuzzing #dukeBarman

A set of helpers and examples to fuzz Win32 binaries with AFL++ QEMU https://github.com/andreafioraldi/WineAFLplusplusDEMO #fuzzing #dukeBarman

Frida-based general purpose fuzzer https://github.com/demantz/frizzer #fuzzing #frida #dukeBarman