Semantic-informed driver fuzzing without both the hardware devices and the emulators

W Zhao, K Lu, Q Wu, Y Qi - Network and Distributed Systems Security …, 2022 - par.nsf.gov
Device drivers are security-critical. In monolithic kernels like Linux, there are hundreds of
thousands of drivers which run in the same privilege as the core kernel. Consequently, a …

Efficient greybox fuzzing to detect memory errors

J Ba, GJ Duck, A Roychoudhury - Proceedings of the 37th IEEE/ACM …, 2022 - dl.acm.org
Greybox fuzzing is a proven and effective testing method for the detection of security
vulnerabilities and other bugs in modern software systems. Greybox fuzzing can also be …

Leveraging textual specifications for grammar-based fuzzing of network protocols

S Jero, ML Pacheco, D Goldwasser… - Proceedings of the AAAI …, 2019 - aaai.org
Grammar-based fuzzing is a technique used to find software vulnerabilities by injecting well-
formed inputs generated following rules that encode application semantics. Most grammar …

Winnie: Fuzzing windows applications with harness synthesis and fast cloning

J Jung, S Tong, H Hu, J Lim, Y Jin, T Kim - Proceedings of the 2021 …, 2021 - par.nsf.gov
Fuzzing is an emerging technique to automatically validate programs and uncover bugs. It
has been widely used to test many programs and has found thousands of security …

StateAFL: Greybox fuzzing for stateful network servers

R Natella - Empirical Software Engineering, 2022 - Springer
Fuzzing network servers is a technical challenge, since the behavior of the target server
depends on its state over a sequence of multiple messages. Existing solutions are costly …

SFuzz: Slice-based Fuzzing for Real-Time Operating Systems

L Chen, Q Cai, Z Ma, Y Wang, H Hu, M Shen… - Proceedings of the …, 2022 - dl.acm.org
Real-Time Operating System (RTOS) has become the main category of embedded systems.
It is widely used to support tasks requiring real-time response such as printers and switches …

BLEEM: packet sequence oriented fuzzing for protocol implementations

Z Luo, J Yu, F Zuo, J Liu, Y Jiang, T Chen… - 32nd USENIX Security …, 2023 - usenix.org
Protocol implementations are essential components in network infrastructures. Flaws hidden
in the implementations can easily render devices vulnerable to adversaries. Therefore …

Evocatio: Conjuring bug capabilities from a single PoC

Z Jiang, S Gan, A Herrera, F Toffalini… - Proceedings of the …, 2022 - dl.acm.org
The popularity of coverage-guided greybox fuzzers has led to a tsunami of security-critical
bugs that developers must prioritize and fix. Knowing the capabilities a bug exposes (eg …

Constraint-guided directed greybox fuzzing

G Lee, W Shim, B Lee - 30th USENIX Security Symposium (USENIX …, 2021 - usenix.org
Directed greybox fuzzing is an augmented fuzzing technique intended for the targeted
usages such as crash reproduction and proof-of-concept generation, which gives …

webfuzz: Grey-box fuzzing for web applications

O van Rooij, MA Charalambous, D Kaizer… - … –ESORICS 2021: 26th …, 2021 - Springer
Fuzzing has significantly evolved in analysing native code, but web applications, invariably,
have received limited attention until now. This paper designs, implements and evaluates …