Fuzzing has proven to be a highly effective approach to uncover software bugs over the past
decade. After AFL popularized the groundbreaking concept of lightweight coverage …

The release of AFL marked an important milestone in the area of software security testing,
revitalizing fuzzing as a major research topic and spurring a large number of research …

Real-world programs expecting structured inputs often has a format-parsing stage gating the
deeper program space. Neither a mutation-based approach nor a generative approach can …

Modern JavaScript engines that power websites and even full applications on the Web are
driven by the need for an increasingly fast and snappy user experience. These engines use …

We present a novel fuzzing technique, FuzzJIT, for exposing JIT compiler bugs in JavaScript
engines, based on our insight that JIT compilers shall only speed up the execution but never …

JavaScript has become an essential part of the Internet infrastructure, and today's interactive
web applications would be inconceivable without this programming language. On the …

Coverage-guided fuzzers expose bugs by progressively mutating testcases to drive
execution to new program locations. Code coverage is currently the most effective and …

Rapid embedded device proliferation is creating new targets and opportunities for
adversaries. However, the complex interactions between firmware and hardware pose …

JavaScript interpreters, crucial for modern web browsers, require an effective fuzzing
method to identify security-related bugs. However, the strict grammatical requirements for …

Browser APIs are essential to the modern web experience. Due to their large number and
complexity, they vastly expand the attack surface of browsers. To detect vulnerabilities in …