Cornelius Aschermann

@is_eqv

PhD on Fuzzing and Stuff

Joined: August 2016

Tweets

  1. 31 Jan

    huge fan of this presentation style: I would love to see tooling to create this kind of presentation/blogpost easily.

  2. Retweeted
    30 Jan

    Happy to announce a new LLVM instrumentation for AFL++ called CmpLog that feeds the fuzzer with comparison operands extracted with SanCov. I used it to build the Redqueen mutator in AFL++!

  3. Retweeted
    25 Jan

    Check out the RLCheck preprint! Cool idea to try and use reinforcement learning to tune generators to generate more valid (assumption-satisfying) inputs. With

  4. 22 Jan
  5. Retweeted
    21 Jan

    Picked up my badge for . I will be talking about the push for PLC security and how disregarding system components has rendered such efforts fruitless. Join me on Wednesday morning for 's and my take on the pros and cons of allowing low-level PLC access.

  6. Retweeted
    11 Jan

    AFLNet is a pretty awesome tool for fuzzing network protocols! Our tool paper reports on implementation and strong first results (e.g., CVE-2019-7314). Stay tuned for more improvements and a full-fledged evaluation.

  7. Retweeted
    3 Jan

    The Fuzzing Round Table Video from hosted by and me and featuring and many more. Sorry for the sound, it could be a lot better but is understandable at least.

  8. Retweeted
    26 Dec 2019

    New blogpost: Sanitized Emulation with QEMU-AddressSanitizer I just open-sourced my QEMU patches to fuzz binaries with ASan, QASan. You can also use it with ARM targets on Linux, a thing that you can't do with LLVM ASan!

  9. Retweeted
    31 Dec 2019

    If you are a C or C++ programmer somehow still on the fence about whether or not you should take seriously, consider this piece from Cliff Biffle an absolute must-read:

  10. 27 Dec 2019

    Anyone at wants to discuss Fuzzing/RE/Program Analysis/anything really, hmu

  11. Retweeted
    26 Dec 2019

    'Tis the season If you're into fuzzing don't miss the meetup on day 2 at 8pm. See you around :)

  12. Retweeted
    13 Dec 2019

    I and are organizing a round table about new directions in at We'll try to not overlap fuzzing talks (we can change the time slot later if the room is available). Join if you're in the fuzzing loop (we'll publish a signup form ASAP)

  13. Retweeted
    9 Dec 2019

    "Time Travel Testing for Android apps" accepted at ! Congrats @zhendon01965406, Lucia and Abhik! Preprint and tool will be available soon. 1/4

  14. 10 Dec 2019

    I can recommend interviewing with Richard, great experience overall!

  15. Retweeted
    5 Dec 2019

    con this Saturday Patrick and I will be talking about our new fuzzer! We build a fuzzer that can detect new inputs to a target and automatically fuzz them, all without any manual harnessing required. We also have tons of cool data to show off. Here is a sample: 1/n

  16. 5 Dec 2019

    Slides for and my talk on fuzzing at are now available:

  17. 4 Dec 2019

    Anyone at Blackhat London? Wanna meet later?

  18. Retweeted
    26 Nov 2019

    Debuggers suck, not using a debugger sucks, and you suck.

  19. Retweeted
    22 Nov 2019

    Introducing the fzero fuzzer! A target-architecture-agnostic grammar-based fuzzer (inspired by F1). With no input size constraints, multi-thread support, and all Rust code for no corruption bugs. 5x faster than the world's fastest grammar-based fuzzer ;D

  20. Retweeted
    23 May 2019

    Our work on using program synthesis to improve the scalability of symbolic execution is online now: idea: instead of constructing symbolic expressions through interpretation, use taint analysis to get a sketch and synthesize based on input/output pairs
