FuzzingWeekly

Your weekly fuzzing update.
Subscribe to our newsletter at fuzztesting.io/fuzzing-weekly

2023-05-18

#FuzzingWeekly CW20:
This week’s theme is Back to Basics.

Fuzzing: The State of the Art - apps.dtic.mil/sti/pdfs/ADA5582

What is Fuzz Testing? - code-intelligence.com/what-is-

Fuzzing 101: Tools and Exercises - github.com/antonio-morales/Fuz

fuzztesting.io/fuzzing-weekly

2023-05-11

#FuzzingWeekly CW19
This week’s theme is Java Virtual Machine (JVM) fuzzing, including languages built on top of the JVM and the JVM itself:

Confuzzion: A Java Virtual Machine Fuzzer for Type Confusion Vulnerabilities: ieeexplore.ieee.org/abstract/d

Coverage-DirectedDifferentialTestingofJVMImplementations: wcventure.github.io/FuzzingPap

Kaizen: A Scalable Concolic Fuzzing Tool for Scala: dl.acm.org/doi/pdf/10.1145/342

fuzztesting.io/fuzzing-weekly

2023-04-14

FuzzingWeekly CW15:

Another Expression DoS Vulnerability Found in Spring - CVE-2023-20863 ➡️
code-intelligence.com/blog/exp

Fuzzing Web Applications with Wfuzz | HackTheBox baby todo or not todo ➡️
youtube.com/watch?v=008Qxzctzq

CAN do attitude: How thieves steal cars using network bus ➡️
theregister.com/2023/04/06/can

fuzztesting.io/fuzzing-weekly

2023-03-10

#FuzzingWeekly CW10:

Researchers Discover 'Kill Switch' in Starlink Terminals With Fuzzing:
itnews.com.au/news/researchers

Security Vulnerabilities Detected, Which Reveals DJI Drone Operator's Exact Location:
eurekalert.org/news-releases/9

Fuzzing an IDOR Vulnerability With ZAP:
youtube.com/watch?v=GAQd85oo6Z

fuzztesting.io/fuzzing-weekly

2023-03-03

FuzzingWeekly CW9:

Using the World's Worst Fuzzer to Find a Kernel Bug ➡️
stigward.github.io/posts/fiio-

Unit Testing Vs Fuzz Testing - Two Sides Of The Same Coin? ➡️
code-intelligence.com/blog/uni

API Fuzzing: What it is and why you should use it ➡️
youtu.be/wX3GMJY9B6A

fuzztesting.io/fuzzing-weekly

2023-02-24

FuzzingWeekly CW8:

One Weird Trick to Improve Bug Finding With ASAN ➡️
landaire.net/one-weird-asan-tr

How To Fuzz JavaScript With Jest And Jazzer.Js ➡️
code-intelligence.com/blog/fuz

Fuzzing research digest – January 2023 ➡️
reddit.com/user/BondiFuzz_com/

More @ fuzztesting.io/fuzzing-weekly

2023-02-17

FuzzingWeekly CW7

cURL Audit: How a Joke Led to Significant Findings ➡️
linkedin.com/pulse/fuzzing-atm

Phylum Discovers Revived Crypto Wallet Address Replacement Attack ➡️ blog.phylum.io/phylum-discover

boofuzz Network Protocol Fuzzing for Humans ➡️
youtube.com/watch?v=AIpTims5sX

More at fuzztesting.io/fuzzing-weekly

2023-02-10

FuzzingWeekly CW6:

Fuzzing ATM/POS protocols like a Boss ➡️
linkedin.com/pulse/fuzzing-atm

How to build a unified workflow for functional and security testing using JUnit ➡️
securitysenses.com/videos/how-

Can sanitizers find the two bugs I wrote in C++? ➡️ ahelwer.ca/post/2023-02-07-cpp

fuzztesting.io/fuzzing-weekly

2023-02-03

#FuzzingWeekly CW5:

OSS-Fuzz announced to add JavaScript support in 2023 ➡️
security.googleblog.com/2023/0

Reachable Coverage: Estimating Saturation in Fuzzing ➡️
mboehme.github.io/paper/ICSE23

Google Boosts Bounties for Open-Source Flaws Found Via Fuzzing ➡️
theregister.com/2023/02/01/goo

More at fuzztesting.io/fuzzing-weekly

2023-01-27

FuzzingWeekly CW4:

Critical RCE Vulnerabilities Found in git (CVE-2022-4190, CVE-2022-23251) ➡️
helpnetsecurity.com/2023/01/19

Fuzzing the Shield: CVE-2022-24548 ➡️
medium.com/s2wblog/fuzzing-the

A Framework for Blackbox Fuzzing Using Context-Free Grammars ➡️
shorturl.at/hNOSY

2023-01-20

FuzzingWeekly CW3:

Vulnerabilities in cryptographic libraries found through modern fuzzing ➡️
helpnetsecurity.com/2023/01/13

Keeping The Wolves Out Of WolfSSL ➡️ blog.trailofbits.com/2023/01/1

From Error_Log File(P4) To Company Account Takeover(P1) and Unauthorized Actions on API ➡️
medium.com/@mohanad.hussam23/f

2023-01-06

FuzzingWeekly CW 1:

Fuzzing is Cool, Actually ➡️
simplythetest.tumblr.com/post/

Incremental fuzzing of the admissible input space: a test framework #606➡️
github.com/DA0-DA0/dao-contrac

Fuzzing IDOR Vulnerability With ZAP!➡️
youtube.com/watch?v=GAQd85oo6Z

2022-12-23

#FuzzingWeekly CW 51

How Fuzzing Helped Me to Get My First Bounty ➡️
infosecwriteups.com/how-fuzzin

Hybrid fuzzing: Sharpening the spikes of Echidna ➡️
blog.trailofbits.com/2022/12/0

Effective Unit Testing for Java Applications: Common Challenges and Solutions ➡️
youtube.com/watch?v=rYSvBANQBB

2022-12-16

#FuzzingWeekly CW 50

Understanding Fuzz Testing in Go ➡️ blog.jetbrains.com/go/2022/12/

Fuzzing Golang msgpack for fun and panic ➡️ redcanary.com/blog/fuzzing/

Finding JIT Optimizer Bugs using SMT Solvers and Fuzzing ➡️ pypy.org/posts/2022/12/jit-bug

#fuzzing #softwaresecurity

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst