Jonathan Metzman

@metzmanj

Chrome fuzzing (ClusterFuzz) and OSS-Fuzz. Speaking on behalf of myself, not my employer.

Joined: January 2019

Tweets

  1. Retweeted
    28 Jan

    Interesting note re static analysis (SA): "SA hasn't been helpful in finding bugs in SQLite. SA has found a few bugs in SQLite, but those are the exceptions. More bugs have been introduced into SQLite while trying to get it to compile without warnings than have been found by SA"

  2. Retweeted
    31 Jan

    Today I learned Google recently hit 50% fuzzing coverage in Chrome. Wow.

  3. Retweeted
    23 Jan

    Looks like we're in the final throes of getting wasmtime accepted into oss-fuzz, which would be the first fuzz targets running there ever AFAIK. Thanks to @jonathanmetzman (and team) for helping make this happen. Pretty cool.

  4. Retweeted
    30 Dec 2019
  5. Retweeted
    27 Dec 2019

    I've implemented a fuzzer for PHP: Fuzzing is a great way to find obscure bugs in parsing libraries...

  6. Retweeted
    27 Dec 2019

    I blog about writing custom protobuf mutation routines for fuzzing: Happy holidays and happy fuzzing! May you beat randomness with a custom mutation and find that elusive bug :-)

  7. Retweeted
    18 Dec 2019
  8. Retweeted
    17 Dec 2019

    For friends interested in : I took a random (likely biased) pass at recent papers and it looks like people base it things off of AFL much more than they do for libfuzzer. Is there a reason for this that I’m missing? Or is it just sampling bias?

  9. Retweeted
    17 Dec 2019

    Just pushed a new Unicorefuzz version, based on the latest AFL++/unicornafl master. Enjoy some speedier snapshot fuzzing for kernels :)

  10. Retweeted
    13 Dec 2019
  11. 13 Dec 2019

    Open the console first

  12. 13 Dec 2019

    This implementation of SQLite fuzzing is much faster but you need to open the dev tools console to see any output from libFuzzer:

  13. 13 Dec 2019
  14. 13 Dec 2019
  15. 13 Dec 2019

    libFuzzer fuzzing SQLite in the browser using WebAssembly:

  16. Retweeted
    13 Dec 2019
  17. 12 Dec 2019
  18. 12 Dec 2019

    The video from my talk on structure-aware fuzzing at Black Hat was posted: I mostly cover libprotobuf-mutator but also discuss libFuzzer custom mutators.

  19. Retweeted
    12 Dec 2019

    My fuzzing team is looking for one as well, apply soon!

  20. Retweeted
    10 Dec 2019

    Learn how found and exploited SockPuppet for iOS 12.4, featuring a bonus collaboration with LiveOverflow!
