#Fuzzing

danzindanzin
2025-12-15

There's a researcher, Jiang Yuancheng, who's doing great work finding CPython crashes and memory leaks: github.com/python/cpython/issu

They've come up with a very clever idea for a new way of fuzzing, made a fine tool out of it, and are reaping great results.

Fuzzing can be a diminishing returns endeavor: you only have so many bugs to find. Their approach has shown itself to cover different areas and kinds of issues well, as shown by their track record.

kriware :verified: (kriware@infosec.exchange)
2025-12-02

Kernel fuzzing on Mac with syzkaller

Guide to build a VM, add a vulnerable driver and crash it using syzkaller from macOS.

slava-moskvin.medium.com/fuzzi

#fuzzing #kernel

danzindanzin
2025-11-23

It turns out that, by running it on an interpreter with ASan enabled, I was the culprit of my fuzzer lafleur using way too much memory.

That even led to me buying some DDR5 to be able to fuzz a bit more comfortably. Running without ASan reduces memory usage to 1/15. So I guess now I'll have some spare RAM, and less money, going forward :)

I'll enhance the JIT fuzzer to run on a different interpreter than the fuzzing scripts, which benefit from ASan.

Advanced Fuzzing League (aflplusplus@infosec.exchange)
2025-11-12

LibAFL 0.15.4 has just been released 🎉

Of the 30 contributors for this release, almost half are new faces <3

github.com/AFLplusplus/LibAFL/

#Fuzzing #LibAFL #AFLplusplus

Alexandre Dulaunoy (adulau@infosec.exchange)
2025-11-07

py5sig automatically builds 5G signalling messages and fuzzes SBI interfaces

Pretty cool stuff seen at the @UYBHYS workshop

#5g #fuzzing #opensource #cybersecurity

🔗 github.com/ANSSI-FR/py5sig

โš ๏ธ๐ŸŽญYggdr4sฤซl๐ŸŽญโš ๏ธBlackHunters
2025-11-04

๐Ÿš€ ๐—™๐—น๐—ฎ๐˜€๐—ต๐—™๐˜‚๐˜‡๐˜‡ โ€“ Una herramienta rรกpida y ligera para investigadores y pentesters. ๐Ÿ•ต๐Ÿฝโ€โ™‚๏ธ

Fuzzear URLs y detectar secretos directamente desde tu navegador nunca fue tan fรกcil.
Explora endpoints ocultos y claves sensibles en segundos, sin usar la terminal.

- Ideal para quienes buscan reconocimiento inmediato y eficiencia.

🔗 github.com/Ademking/FlashFuzz

2025-10-29

I am happy to share that our paper deepSURF has been accepted to IEEE S&P 2026!

This effort was led by my student George Androutsopoulos (linkedin.com/in/gandrout/).

deepSURF combines the use of program analysis and LLMs to uncover memory safety bugs in Rust's unsafe code.

You can check out the code and the paper here:

github.com/purseclab/deepSURF

arxiv.org/abs/2506.15648

#Rust #Security #ProgramAnalysis #LLM #Fuzzing #Purdue

danzindanzin
2025-10-27

So someone found a segfault in NumPy and reported it as a security bug: huntr.com/bounties/49928a2c-c6. After some back and forth, the NumPy developers agreed it was a security bug (with a low score, but still).

However, since fusil had already found that crash and I had reported it 2 months earlier (github.com/numpy/numpy/issues/), the report was deemed a duplicate and no CVE was assigned.

We didn't find a CVE, but avoided one :)

Link to fix: github.com/numpy/numpy/pull/30

danzindanzin
2025-10-27

Fuzzing pyhacl (codeberg.org/drlazor8/pyhacl), a package of Cython bindings for HACL* (the High Assurance Cryptographic Library), with fusil we only found one crash.

It turned out to actually be a silly bug in :

Issue: github.com/cython/cython/issue

Fix: github.com/cython/cython/pull/

Goes to show how fuzzing a C-extension can uncover crashes in many different layers.

Thanks @drlazor8 for taking up the call for C-extensions maintainers to fuzz their code.

danzindanzin
2025-10-26

After a pause, we're back to running fusil. This time, to fuzz cereggii, a package of very interesting thread synchronization utilities for , made of C-extensions.

We tailored to target these utilities, finding more issues.

Daniele Parmeggiani (dpdani), the maintainer, has been helping in the effort and being very supportive. That's the best welcome fusil has received in any project :)

Here are the issues we found: github.com/dpdani/cereggii/iss

danzindanzin
2025-10-25

Been running a fusil campaign for a week, targeting a C-extension. The fuzzer has found 9 issues so far, feels good.

The maintainer is helping with the campaign and eager to fix the issues, which is great.

Some maintainers see us with suspicion and often disregard issues, as if we're after accolades, pointing fingers or complaining about the code.

We fuzz to help, that's all.

Anyway, if you have a C-extension and would like it fuzzed, hit me up :)

Riley S. Faelan (riley@toot.cat)
2025-10-21

The process by which the Church of Scientology gained IRS recognition as a religion is best described as a #fuzzing attack on the legal system.

#infosec #lawsec

kjaerulvKjaerulv
2025-10-20

'China on Sunday accused the U.S. National Security Agency (NSA) of carrying out a "premeditated" cyber attack targeting the National Time Service Center (NTSC), as it described the U.S. as a "hacker empire" and the "greatest source of chaos in cyberspace."

thehackernews.com/2025/10/mss-

2025-10-15
[RSS] Lucid Dreams II: Harness Development

https://h0mbre.github.io/Lucid_Dreams_2/

#fuzzing

danzindanzin
2025-10-13

lafleur, the CPython JIT fuzzer, now can compare timings for running a piece of code with JIT on and off.

The idea is that if the run with JIT on is much slower than with JIT off, we have found a performance bug.

Brandt Bucher suggested this mode. It took a while to get started on it, but it was simple to implement on top of Differential Mode.

So many modes, so little compute available...

Screen shot of an abridged log of lafleur running, displaying the new messages for the timing fuzzing mode:
[TIMING] Running timed trial with JIT=False.
[TIMING] Running timed trial with JIT=True.
  [~] Timing slowdown ratio (JIT/non-JIT) is 0.881.

The screen shot has a dark gray background and the text is a mix of white, green, red, purple and yellow, in a mess of coloring because the text editor identified this content as a Python script.

Full text of the image is:
--- Fuzzing Session #226 ---
[+] Calculating corpus scores for parent selection...
[+] Selected parent for BREADTH session: 523.py (Score: 248.51)
[...]
[TIMING] Running timed trial with JIT=False.
[TIMING] Running timed trial with JIT=True.
[NEW RELATIVE EDGE] '('EXECUTING', '_START_OF_HARNESS_->_SET_IP')' in harness 'f1'
  [~] Timing slowdown ratio (JIT/non-JIT) is 0.881.

Marcel SIneM(S)US (simsus@social.tchncs.de)
2025-10-12

danzindanzin
2025-10-11

Differential Mode has just landed in lafleur, the CPython JIT fuzzer. It runs the same code with and without the JIT, compares the result, and flags any discrepancies.

It does this while mutating the code in a feedback-guided loop, so it evolves the fuzzing scripts trying to find one where the JIT gives wrong results.

This is actually the 2nd time this feature is implemented (now better and more robust): it used to work, broke, and now is back.
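A minimal harness in the spirit of the differential and timing modes described in the two lafleur posts above, added here as an illustration and not lafleur's own code. It assumes a CPython build with the experimental JIT compiled in, toggled through the `PYTHON_JIT` environment variable; on a build without the JIT both runs are equivalent, so no discrepancy is expected and the ratio stays near 1.

```python
import os
import subprocess
import sys
import time

# Constructed sample fuzzing script: a hot integer loop whose printed result
# must be identical whether or not the JIT is enabled.
SAMPLE_SCRIPT = """
acc = 0
for i in range(200_000):
    acc = (acc * 31 + i) & 0xFFFFFFFF
print(acc)
"""


def run_script(source: str, jit: bool, timeout: float = 60.0) -> tuple[str, float]:
    """Run `source` in a fresh interpreter with the JIT on or off.

    Assumption: the interpreter honours PYTHON_JIT=1/0 (a CPython build with
    the experimental JIT). Returns (combined output, wall-clock seconds).
    """
    env = dict(os.environ, PYTHON_JIT="1" if jit else "0")
    start = time.perf_counter()
    proc = subprocess.run([sys.executable, "-c", source], env=env,
                          capture_output=True, text=True, timeout=timeout)
    elapsed = time.perf_counter() - start
    # Exit code is part of the compared result, so a crash under one mode counts.
    return f"rc={proc.returncode}\n{proc.stdout}{proc.stderr}", elapsed


def differential_trial(source: str, slowdown_threshold: float = 3.0) -> dict:
    """Differential mode: run the same code with and without the JIT and flag
    any output mismatch. Timing mode: flag a JIT/non-JIT slowdown ratio above
    the threshold (ratio > 1 means the JIT run was slower).
    """
    out_off, t_off = run_script(source, jit=False)
    out_on, t_on = run_script(source, jit=True)
    ratio = t_on / t_off if t_off > 0 else float("inf")
    return {
        "discrepancy": out_off != out_on,
        "slowdown_ratio": round(ratio, 3),
        "perf_bug": ratio > slowdown_threshold,
        "jit_off": out_off,
        "jit_on": out_on,
    }


if __name__ == "__main__":
    r = differential_trial(SAMPLE_SCRIPT)
    print("[TIMING] Timing slowdown ratio (JIT/non-JIT) is", r["slowdown_ratio"])
    print("[DIFF] discrepancy:", r["discrepancy"])
```

A real campaign would wrap `differential_trial` in the mutation loop and keep any script that trips `discrepancy` or `perf_bug`; timing ratios from a single short run are noisy, so repeated trials are needed before trusting a perf flag.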

kriware :verified: (kriware@infosec.exchange)
2025-10-11

The Debugging Book

Interactive guide exploring automated debugging, testing, and program repair with Python examples for researchers and developers.

debuggingbook.org/

#Fuzzing #Testing
