Twitter | Pretraživanje | |
Max Moroz
security team, . (& LC↯BC) CTF team. Hopefully all tweets are mine.
1.456
Tweetovi
351
Pratim
1.860
Osobe koje vas prate
Tweetovi
Max Moroz 31. sij
Odgovor korisniku/ci @Glider @kennwhite
Fake news! But yeah, it's reportedly up to 48.50% when nothing fails, although coverage from blackbox fuzzers is being sampled: we take N random test cases out of M generated in a day, and M is much bigger than N. Very likely we can hit 50% if we use more and give it more time.
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
Kenn White 31. sij
Today I learned Google recently hit 50% fuzzing coverage in Chrome. Wow.
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
Kostya Serebryany 30. sij
HWASAN (think of it as ASAN v2) has become available to developers on Android outside of Google. If you use C or C++ on Android, please give it a try. HWASAN is also available on Aarch64 Linux with a recent kernel.
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
Andrew R. Whalley 28. sij
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
Justin Schuh 🤬 14. sij
We shared an update today on our plans to phase out 3P tracking from the Web over the next two years.
Reply Retweet Označi sa "sviđa mi se"
Max Moroz 12. sij
Odgovor korisniku/ci @laparisa @googlechrome i 4 ostali
Haha, wondering what shipping costs would look like, especially international :)
Reply Retweet Označi sa "sviđa mi se"
Max Moroz 12. sij
According to , Chromium had the most commits in 2019 among open source projects: 109K. On average, a new commit was landed every 5 minutes. Quite a challenge for any continuous process, given the size of the codebase and the variety of supported platforms.
Reply Retweet Označi sa "sviđa mi se"
Max Moroz 2. sij
Awesome work, but also a very sad reminder that we're still suffering from dumb integer overflows, unchecked memcpy arguments, and (believe it or not) lack of the NX bit! It's 2020 already and stuff doesn't get less scary.
Reply Retweet Označi sa "sviđa mi se"
Max Moroz 18. pro
Odgovor korisniku/ci @mhlakhani @metzmanj
As far as I remember, a common reason we've heard is that people don't want to write harnesses and prefer fuzzing programs with main(). might remember more
Reply Retweet Označi sa "sviđa mi se"
Max Moroz 14. pro
Odgovor korisniku/ci @mhlakhani @cestlemieux @metzmanj
Thanks for the awesome content and fun presentations!
Reply Retweet Označi sa "sviđa mi se"
Max Moroz 14. pro
And here are the slides from Fuzzing Bay Area meetup #2:
Reply Retweet Označi sa "sviđa mi se"
Max Moroz 14. pro
Mandatory reminder: don't fuzz while driving!
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
Ivan Wallarm 13. pro
Please be aware of the new called "Batching Attack"
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
Jonathan Metzman 12. pro
The video from my talk on structure-aware fuzzing at Black Hat was posted: I mostly cover libprotobuf-mutator but also discuss libFuzzer custom mutators.
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
Abhishek Arya 11. pro
Fuzzing always scale with developers and this is a small token of appreciation for their awesome efforts!
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
nedwill 10. pro
Learn how found and exploited SockPuppet for iOS 12.4, featuring a bonus collaboration with LiveOverflow!
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
Jonathan Metzman 8. pro
Last day to RSVP to attend the second Bay Area Fuzzer Meetup. Come hear my talk on fuzzing native code in-browser using WebAssembly!
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
Paul Dreik 8. pro
Shoutout to programmers in Sweden: Is there any interest in arranging a meetup? There is one in the Bay area, far far away... Please RT for reach.
Reply Retweet Označi sa "sviđa mi se"
Max Moroz proslijedio/la je tweet
Guido Vranken 5. pro
OpenSSL CVE-2019-1551: Incorrect consttime modular exponentation, found after 1.5 years of bignum fuzzing at OSS-Fuzz
Reply Retweet Označi sa "sviđa mi se"
Max Moroz 5. pro
The registration closes this Sunday. Make sure to RSVP if you're in the Bay Area on Dec 12th and want to talk / listen about fuzzing! SPOILER: besides great content, there'll be swag, food, and drinks -- all free of charge :)
Reply Retweet Označi sa "sviđa mi se"