(Assume that it targets widely-used datatypes and has found vulns in widely used applications.)
-
-
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
If you learned from free resources like phrack and simliar publications I say the author has some obligation to publish it for free. It's a nice balance, make money on the front side (bugs) and give back when the fuzzer has served it's purpose
-
Microsoft was dragged kicking and screaming by
@k8em0 into supporting independent researchers like me through a bug bounty program but managed to keep me out of it through an unacceptable NDA. Suggesting that _I_ am not "giving back to the community" just adds insult to injury. -
Maybe you'd like me to add a fifth option: an MSRC shirt and a beer at a conference?
-
sixth option: thanks page. Wait, it already exists and I've learnt a lot from public sources. Don't give me the thanks. It's my must to report it for free :p
End of conversation
New conversation -
-
-
If you are interested I can ask around
-
Sure! I am considering untangling my old fuzzers from my framework into stand-alone code for sale to developers/researchers looking for inspiration or a base to kick-start/boost their own fuzzing effort. I'm trying to gauge interest and set a price.
End of conversation
New conversation -
-
-
Depends how good benchmark it had in past.. i guess
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.