Thuan Pham

@ThuanpvNus

Automated software testing enthusiast. Working on program analysis and smart fuzzing.

Australia
Vrijeme pridruživanja: listopad 2015.

Tweetovi

Blokirali ste korisnika/cu @ThuanpvNus

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @ThuanpvNus

  1. Prikvačeni tweet
    11. sij

    "AFLNet: A Greybox Fuzzer for Network Protocols", my joint work with & Abhik, is accepted as a testing tool paper . It was motivated by many requests from AFL users for . Stay tuned for preprint & tool (with funder's approval).

    Prikaži ovu nit
    Poništi
  2. prije 8 sati

    Great findings! I really want to play with these "toys" and fuzz them using

    Poništi
  3. proslijedio/la je Tweet
    prije 18 sati

    Why is fuzzing not part of the development lifecycle yet? 🤔

    Poništi
  4. proslijedio/la je Tweet
    prije 10 sati

    .: "There is a simple mitigation: If an instruction fails, do not execute any instructions that depend on it". Thanks, Yuval, for coming down to visit us at the Monash Fuzzing Lab in Melbourne! Great to have you here.

    Poništi
  5. proslijedio/la je Tweet
    5. velj

    The AFL++ website is up: Very naive ATM, I'm open to suggestions.

    Poništi
  6. proslijedio/la je Tweet
    1. velj

    I also uploaded the first Paper Review, on "Building Fast Fuzzers"!

    Poništi
  7. proslijedio/la je Tweet
    1. velj

    Our amazing speaker line has been released. Check them out below on our website. The schedule will be announced soon🥳👇👇

    Poništi
  8. 30. sij

    My take-away from recent review article paper of P. Godefroid -- 3 (of N) open challenges in 1) how to engineer exhaustive symbolic testing in a cost-effective manner, 2) how to automate the generation of input grammars, and 3) how to effectively fuzz distributed apps

    Poništi
  9. proslijedio/la je Tweet
    28. sij

    Over the past few years I've spent 100s (1000s?) of hours studying how companies have scaled their security. Here are my slides that distill what I've learned- the big, scalable, systematic wins that measurably improve your security posture.

    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    28. sij

    Check out ' tips on Fuzzing, to overcome known challenges and maximize results:

    Poništi
  11. proslijedio/la je Tweet
    24. sij

    My conjecture* for 2020. An 𝗲𝘅𝗽𝗼𝗻𝗲𝗻𝘁𝗶𝗮𝗹 increase in the # cores available to your favourite fuzzer yields a 𝗹𝗶𝗻𝗲𝗮𝗿 increase in coverage achieved (or # bugs found) after a fixed time budget. Maybe less. *Give me counter-evidence!

    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    22. sij

    Finally uploaded video of my talk "Expanding the Reach of Fuzz Testing", which I gave at UMass Amherst! Introduces PerfFuzz, FuzzFactory, FairFuzz, Zest + JQF, RLCheck and Autopandas 😃

    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet
    20. sij

    We () just opened our software testing lecture notes. It currently contains 14 full chapters, 52k words, 63 videos, and 82 exercises. License: CC-BY-NC-SA. Feel free to use it!

    Poništi
  14. proslijedio/la je Tweet
    16. sij

    📢 Announcing better support for fuzzing with structured inputs in Rust! 📢 New releases of `cargo fuzz`, `libfuzzer-sys`, and `arbitrary` better support writing fuzz targets that take well-formed instances of custom input types. Details:

    Poništi
  15. proslijedio/la je Tweet
    12. sij

    I'm using Afl to find "packet of death" for 3 years, but never manage to detect statefull bug with it. Indeed there little litterature on the subject. Can't wait to read more details on

    Poništi
  16. proslijedio/la je Tweet
    13. sij
    Prikaži ovu nit
    Poništi
  17. 11. sij

    It lengthens a series of AFL-based work in great collaboration with and Abhik Roychoudhury & AFLFast (CCS'16) -> AFLGo (CCS'17) -> AFLSmart (TSE'19) -> AFLNet (ICST'2020) -> what's next? :)

    Prikaži ovu nit
    Poništi
  18. 11. sij

    Key ideas of : state feedback & code coverage feedback work hand-in-hand, automatic state machine inference @ run-time, & toward progressive states. CVEs with CVSS score 9.8 (CRITICAL) discovered in Real-Time Streaming Protocol (RTSP) server.

    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet

    🎉 First security blogpost of 2020 🎉 Some people ask me, so here is how to start fuzzing APIs of JavaScript engines like Chrome/V8. In this blogpost, I'm using: ✅ Dharma/Domato ✅ Chrome/v8 ASan pre-built ✅ Honggfuzz ;)

    Poništi
  20. 20. pro 2019.

    Most recent paper on attacks over the Controlled Area Network (CAN) bus on cars. So cool!

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·