Marcel BöhmeOct 23, 2023

What if you could make your fuzzer ask an LLM about the correct structure and order of protocol messages as specified in hundreds of pages of RFC?

🎉 Accepted @ NDSS'24
📝 https://mpi-softsec.github.io/papers/NDSS24-chatafl.pdf
🧑‍💻 https://github.com/ChatAFLndss/ChatAFL

Led by Ruijie Meng w/ Martin Mirchev and Abhik Roychoudhury

Show threadThe Hacker‘s ChoiceOct 24, 2023
@mboehme that sounds very interesting! Hopefully one does not need a 100k server for this and you publish the workflow and model :)
Show threadMarcel Böhme
@thc You don't need a 100k server, but we blackbox use ChatGPT (via their API). It's currently under review for artifact evaluation. They should be able to run the code and with their feedback usability aspects should also improve. For now, you can check out the code on the Github page. If there are any problems, you are welcome to post an Issue there or questions here. We'll be happy to respond.
Oct 24, 2023 at 10:23amWeb