Andrew Fasano

@andrewfasano

CS graduate student . Cybersecurity researcher . Developer of . alum

Boston, MA
nation.state.actor
Vrijeme pridruživanja: srpanj 2008.
17 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @andrewfasano

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @andrewfasano

  1. Prikvačeni tweet
    29. lip 2018.

    I've spent most of the past month getting this ready and I'm quite excited to finally open up this competition to the public. If you're interested in bug finding, I hope you'll give it a try!

    Grab your lassos and warm up your CPUs- it's nearly time for the next bug finding rode0! The fun starts Monday at 1600 UTC and we've made some big changes in the past month to keep things exciting: 1/4
    Prikaži ovu nit
    7 korisnika označava da im se sviđa
    Poništi
  2. prije 8 minuta

    This is a really exciting new feature in QEMU. If it continues to be supported, we might have to look into re-implementing PANDA's callbacks as TCG plugins.

    Interested by QEMU intrusmentation / introspection ? Are you familiar with projects like - PANDA - DECAF - PyREBox Then you might want to have a look at this KVM Forum presentation: "Total System Awareness in TCG" by Alex Benée
    Prikaži ovu nit
    3 korisnika označavaju da im se sviđa
    Poništi
  3. 30. sij

    An example is available at . Seems like there’s sufficient interest so I’ll plan to get started on those blog posts soon!

    3 proslijeđena tweeta 10 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. 29. sij

    Added a new interface to PANDA today which mostly recreates Unicorn Engine but with support for taint analysis (and all the other existing PANDA features). Might be time for a series of blog posts about using PANDA from python.

    15 proslijeđenih tweetova 57 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    31. pro 2019.

    I’d love to bike more w the kids. Here’s the vision for a connected, low-stress cycling network thanks to : . Support !

    Odgovor korisniku/ci @wutrain
    Make Boston a Top 10 city for bicycling!
    6 proslijeđenih tweetova 50 korisnika označava da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    29. stu 2019.

    Been hyped up for our HALucinator paper? Wait no more, we got you! The paper is now available, fresh from the press: As always, comments are very welcome! This was a collaboration between , , and

    10 proslijeđenih tweetova 25 korisnika označava da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    27. stu 2019.

    "Speculator: A Tool to Analyze Speculative Execution Attacks and Mitigations" by Mambretti et al. presents a tool aiming to be the GDB of speculative execution. The tool is freely available on Github: , , , (3/4)

    1 reply 11 proslijeđenih tweetova 24 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    6. stu 2019.

    How complicated is cellular baseband firmware? At least this complicated: over 150K debugging messages across 932 directories and 2,775 files! Rebuilding the source code skeleton from Samsung S10's Shannon S5000 baseband debugging messages.

    5 replies 35 proslijeđenih tweetova 114 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  9. 1. stu 2019.

    We (, , and Tim Leek) wrote an article for on "The to Less-Buggy Programs." Check it out here -

    1 reply 8 proslijeđenih tweetova 20 korisnika označava da im se sviđa
    Poništi
  10. proslijedio/la je Tweet
    30. lis 2019.

    Ghidra 9.1 is out!

    1 reply 22 proslijeđena tweeta 55 korisnika označava da im se sviđa
    Poništi
  11. proslijedio/la je Tweet
    27. lis 2019.

    what the hell

    16 replies 57 proslijeđenih tweetova 335 korisnika označava da im se sviđa
    Poništi
  12. proslijedio/la je Tweet
    27. lis 2019.

    Thanks for an awesome con! For folks who want to learn about Ghidra and missed my talk - slides, video and resources here:

    1 reply 5 proslijeđenih tweetova 14 korisnika označava da im se sviđa
    Poništi
  13. 24. lis 2019.

    Made a mediocre Ghidra emulator today with ! It has a lot of issues for now (like how it exports data from Ghidra's Jython environment and then needs to run in a real Python3 env), but I still think it's pretty cool.

    1 reply 9 proslijeđenih tweetova 49 korisnika označava da im se sviđa
    Poništi
  14. proslijedio/la je Tweet
    23. lis 2019.

    Firmware Emulation Framework

    37 proslijeđenih tweetova 105 korisnika označava da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    18. lis 2019.

    The details from his Equifax class-action suit are BONKERS

    91 reply 2.203 proslijeđena tweeta 4.086 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    17. lis 2019.

    How can we avoid overspecializing our tools towards a benchmark? As a follow-up to our investigation of the Angora fuzzer, here are some thoughts on good scientific practice as it comes to evaluating software:

    Table of contents of blog post
    1 reply 17 proslijeđenih tweetova 43 korisnika označavaju da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    16. lis 2019.

    It’s alive!!!

    163 proslijeđena tweeta 296 korisnika označava da im se sviđa
    Poništi
  18. proslijedio/la je Tweet
    27. ruj 2019.

    Flare-Emu - Powered by IDA Pro and the Unicorn emulation framework that provides scriptable emulation features for the x86, x86_64, ARM, and ARM64 architectures to reverse engineers

    42 proslijeđena tweeta 87 korisnika označava da im se sviđa
    Poništi
  19. 24. ruj 2019.

    One more interesting thing we've seen through Rode0day is that teams ability to find synthetic bugs generally corresponds with their ability to discover organic bugs. 13/12

    5 proslijeđenih tweetova 11 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  20. 24. ruj 2019.

    So in summary, we do need better approaches to generating benchmarks for bug-finding systems. Current approaches all have significant limitations. But using many novel synthetic bugs combined with a few known organic bugs seems to be a decent approach for now. 12/12

    3 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  21. 24. ruj 2019.

    But new synthetic bugs can be generated at a large scale and on-demand to evaluate systems on thousands of never-before-seen bugs. That's what we're doing through and we're currently working to generate (and release) significantly more data on those benchmarks. 11/

    1 reply 2 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi

@andrewfasano još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·