Cornelius Aschermann
@is-eqv.bsky.social
Fuzzing & stuff https://hexgolems.com
futures.cs.utah.edu/papers/25ICS... by @snagycs.bsky.social and @gabriel-sherman.bsky.social Seems like a very sensible approach to harness generation with some impressive results. I'm looking forward to seeing more discussion about this approach :) (sorry for blatantly copying the twitter thing).
March 18, 2025 at 3:13 AM
futures.cs.utah.edu/papers/25ICS... by @snagycs.bsky.social and @gabriel-sherman.bsky.social Seems like a very sensible approach to harness generation with some impressive results. I'm looking forward to seeing more discussion about this approach :) (sorry for blatantly copying the twitter thing).
I have long argued that fuzzers are better at tracking taint than taint tracking. @andreaszeller.bsky.social et Al. build a info leak fuzzer (w/o taint tracking): dl.acm.org/doi/pdf/10.1.... It finds 10 old CVEs (ASAN: 1). Cool to see a PoC! Would probably work better with snapshot fuzzing tho ;)
January 27, 2025 at 2:56 PM
I have long argued that fuzzers are better at tracking taint than taint tracking. @andreaszeller.bsky.social et Al. build a info leak fuzzer (w/o taint tracking): dl.acm.org/doi/pdf/10.1.... It finds 10 old CVEs (ASAN: 1). Cool to see a PoC! Would probably work better with snapshot fuzzing tho ;)