Automating OSS-Fuzz integrations using an agentic approach to build generation: blog.oss-fuzz.com/posts/oss-fu...
Fuzzing at scale requires a solution for build script generation, and an LLM-based agentic approach looks promising for this. It too works well with OFG's harness gen capabilities ๐ค
Posts by David Korczynski
Weโre hiring Vulnerability Researchers at @infosectcbr.bsky.social that specialise in Linux, OS kernels, Android, and embedded/IoT. With a world class hardware lab, come join our friendly and collaborative team, focusing on research against leading technologies. DM for details.
Awesome job by my PhD student @gabriel-sherman.bsky.social presenting his work on Oracle-guided C Fuzzing Harness Generation! @icseconf.bsky.social
TLDR; 41 new bugs (40 now patched)... with 0 false positives!
Using #LibAFL to fuzz @golang.org binaries with a proper modern fuzzer ๐๐
Super cool stuff by @srlabs.bsky.social
www.srlabs.de/blog-post/go...
Slava Ukraini ๐บ๐ฆ
#FUZZING'25 CALL FOR PAPERS
โโโโโโ
โจ New OC members:
* Ruijie Meng (@ruijiemeng.bsky.social; NUS)
* Rohan Padhye (@rohan.padhye.org; CMU).
โจ New paper type: Fuzzing Nuggets (short papers).
๐ fuzzingworkshop.github.io
๐
20.March (Submission)
๐
17.April (Notification)
๐
28.June (Workshop)
Auto generating #fuzzing harnesses by way of program analysis and #LLMs! New blog post "Minimal LLM-based fuzz harness generator": adalogics.com/blog/minimal...
We show how you can generate a sophisticated fuzz harness synthesis tool with a few lines of code.
Yeah, it's relatively new -- we've worked 2-3 months on it from starting with tree-sitter, but have made good strides. FI already supports C/C++/Rust/golang and java. Mileage may vary between languages, but we're going to try and see how far tree-sitter can get us. More posts coming up shortly!
TIL Fuzz Introspector has moved to tree-sitter and a Python library. Cool!
"Fuzz Introspector: enabling rapid fuzz introspection tool development" -- a new blog post on Fuzz Introspector and how it is moving into supporting analysis as a pure python library. #fuzzing #program-analysis See the blog post: adalogics.com/blog/fuzz-in...
Yesterday, I gave a commencement speech for the graduates of #Passau University. "The virtue of simplicity" reflected on the role of simplicity in science, both personal and universal, and how it is important for the future career of graduates. Enjoy! andreas-zeller.info/2025/01/25/T...
โAFLNet Five Years Later: On Coverage-Guided Protocol Fuzzingโ
A look back at the last five years since the release of AFLNet, โthe first code- and state-coverage-guided protocol fuzzer.โ
arxiv.org/abs/2412.20324