📡 [Monthly Fuzzing] June 2024

Here is the latest fuzzing news released last month!

📺 Videos/Podcasts

FuzzyAI: Attacking LLMs With Coverage-Guided Fuzzing - youtu.be/hBPiiaUiOH8?si…
Your NVMe Had Been Syz'ed - youtu.be/Jc25CM1Ppgo?si…
Linux Fuzzing Tutorial with AFL Fuzzer - youtube.com/watch?v=g6BQ-A…
A Bug Hunter’s Reflections on Fuzzing - a13xp0p0v.github.io/img/Alexander_… / youtube.com/watch?v=wTbFmd…

📝 Blogposts/Papers/Slides

Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP Driver for Linux with Syzkaller - cyberark.com/resources/thre…
Coverage guided fuzzing for native Android libraries (Frida & Radamsa) - knifecoat.com/Posts/Coverage…
Large Language Model guided Protocol Fuzzing - mboehme.github.io/paper/NDSS24.p…
Talos releases new macOS open-source fuzzer - blog.talosintelligence.com/talos-releases…
To Boldly Go Where No Fuzzer Has Gone Before: Finding Bugs in Linux’ Wireless Stacks through VirtIO Devices - computer.org/csdl/proceedin…
Everything is Good for Something: Counterexample-Guided Directed Fuzzing via Likely Invariant Inference - nebelwelt.net/files/24Oaklan…
Hunting bugs in Nginx JavaScript engine (njs) - 0xbigshaq.github.io/2024/05/24/njs…
Introducing LLM-based harness synthesis for unfuzzed projects - blog.oss-fuzz.com/posts/introduc…
TSS @ NUS - Fuzz Testing publications: nus-tss.github.io/fuzzing/public…
Democratizing Fuzzing at Scale - drive.google.com/file/d/1lUFIug…
Thread on (counter-)intuitive fuzzing behavior and statistics - x.com/mboehme_/statu…
Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example - tsmr.eu/blackbox-fuzzi…

⚙️ Tools/Repositories

github.com/user1342/AutoC…: AutoCorpus is a tool backed by a large language model (LLM) for automatically generating corpus files for fuzzing.
github.com/lus33rr/AyedFu…: AyedFuzzer is a small fuzzer with 3 options (file mutating, WinDbg-interactive monitor, multi-processing) for Windows executables.
Cisco-Talos/snap_wtf_macos: WTF Snapshot fuzzing of macOS targets - github.com/Cisco-Talos/sn…
github.com/seemoo-lab/Vir…: VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernel's subsystem. It is built with LibAFL.

See you next month and take care!

cc: @a13xp0p0v @GuidedHacking @mboehme_

Web version: fuzzinglabs.com/newsletter-fuz…