Superseded by account @sergeyb
(https://honk.bronevichok.ru/u/sergeyb)
| Blog | https://bronevichok.ru/ |
| GitHub | https://github.com/ligurio |
Another one fuzzing engine for Lua is afl-lua. It is an integration of AFL (American Fuzzy Lop) with Lua programming language.
https://github.com/ligurio/afl-lua
It is not feature-rich and effective as luzer (libfuzzer-based), but it is only initial version and I plan to make it sweet too.
Finally published a coverage-guided, native Lua fuzzing engine. I'll do some polishing before a first release, but it's ready for use now.
Some highlights: usage is quite similar to libfuzzer - define a fuzzing target and pass it to a function Fuzz, custom mutator can be defined as a Lua function, structure-aware inputs can be constructed using Fuzzing Data Provider (the same way as in libFuzzer). Moreover, added a code for building custom mutators in Lua for libFuzzer-based targets. Enjoy!
Would be nice to hear feedback!
A huge list with applications that uses telemetry with instructions how to opt it out.
Anyone can help cppcheck by donating CPU (1 core or as many as you like). It is simple:
Download Cppcheck source code and run script.
The script will analyse debian source code and upload the results to a cppcheck server. This is needed both to improve Cppcheck and to detect regressions.
Might make a couple final tweaks, but I'm pretty happy with this.
I present you: "This is fine", a diorama built from a single piece of paper.
"In the context of auditing Pornhub we have identified two critical flaws in PHP’s garbage collection algorithm (c.f. How we broke PHP, hacked Pornhub and earned $20,000)."
https://www.evonide.com/breaking-phps-garbage-collection-and-unserialize/
Lobsters
Benjamin Dumke-von der Ehe