Mastodawn

🐱‍💻 Ah, the riveting saga of #fuzzers on a "world tour" that no one asked for, infiltrating a whopping 13 cities like a traveling circus of byte-juggling clowns. 🎪 Let's just say it's as exhilarating as watching paint decode, with all the relevance of a French revolutionary complaining about gate fees. 🚪🔒
https://tigerbeetle.com/blog/2025-11-28-tale-of-four-fuzzers/ #worldtour #bytejuggling #cybersecurity #techhumor #travelingcircus #HackerNews #ngated

A Tale Of Four Fuzzers

Insights, updates, and technical deep dives on building a high-performance financial transactions database.

Hacker News Nov 28

A Tale of Four Fuzzers

https://tigerbeetle.com/blog/2025-11-28-tale-of-four-fuzzers/

#HackerNews #A #Tale #of #Four #Fuzzers #technology #fuzzing #security #softwaredevelopment #cybersecurity

A Tale Of Four Fuzzers

Insights, updates, and technical deep dives on building a high-performance financial transactions database.

Justice for Sepulveda Martinez Aug 31

Curious if anyone here would be interested in a long post on a not very well known #scheme
Specifically Owl Lisp
https://gitlab.com/owl-lisp/owl
I've got an old talk I gave in the dfw hacking scene on Radamsa, the primary tool written in Owl Lisp, and I think I'm going to try to dust it off and publish it with some extra online material to along with it. Basically a mix of PL theory at work in industry that isn't about dependent types or something complicated like that, just a little language and what that gives you when you devote yourself to authoring tools in your own language. fwiw this is not cheerleading though I love lisp, but an attempt at a sober examination of a somewhat rare phenomenon, a (very) successful lisp project, out in the world that uses its own dialect of scheme.
#lisp #vulnerability #tools #infosec #fuzzers

owl-lisp / owl · GitLab

A functional Scheme for world domination

GitLab

Show thread

hexamander Feb 28, 2024

Knowledge matters

How do we avoid making the same ten implementation mistakes again and again?

...cynically, we don't. This is why I'm still employed as a web application tester; the OWASP Top Ten still bite hard.

Less cynically, we do it by knowing that there are only so many kinds of fraud to perpetrate, and looking for places those can be made to work on an existing system.

We know patterns and we apply them with all the creativity the human mind can muster.

That means, to be thorough, we have to remember and look for as many as possible. Yes, this is a difficult cognitive task.

It is also not one a machine can perform. It builds on context and adds history, creativity, and the endless drive to find just one more way in.

I already have #fuzzers and regex-generation tools. Those, frankly, will not be improved by adding the massive processor load LLMs require.

What I do need is time, context, and knowledge, to create an attack that will work.

Luciano Remes Jun 12, 2023

Whenever explaining my research, I always inevitably get asked "What is a Fuzzer", so I wrote a blog about it:

What is a Fuzzer?
https://www.lremes.com/posts/fuzzing/

#fuzzers #fuzzing #security #AFL #systems

Luciano Remes | What is a Fuzzer?

Inspiration: I wrote my undergrad Thesis on a new distributed fuzzer called Hopper that I built, and I always get the question: "What is a…

Luciano Remes Mar 4, 2023

Fuzzing readelf on a 48 core machine with my #distributed fuzzer Hopper:

https://github.com/Cybergenik/hopper

I have 4 more of these doing the same thing, lets see if I find something interesting.
#cloudlab #fuzzers #gnu

GitHub - Cybergenik/hopper: Coverage-Guided Greybox Distributed Fuzzer

Coverage-Guided Greybox Distributed Fuzzer. Contribute to Cybergenik/hopper development by creating an account on GitHub.

GitHub

postmodern Dec 12, 2022

Is there an example of where a fuzzer must fuzz multiple locations within the source data at the same time in order to trigger a vulnerability? Most fuzzing only fuzzes one location within the source data at a time before advancing to the next fuzzing location.
#fuzzing #fuzzers