Happy to announce "Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing", my first (first author) paper got accepted at USENIX Security 2022. The preprint is available here: usenix.org/conference/use…. The code will be released here: github.com/fuzzware-fuzzer

is-eqv.bsky.social and I just published the source code of our hypervisor-based snapshot fuzzer for complex network targets (+ vulns in firefox): github.com/RUB-SysSec/nyx…. Check it out!

We did it, Fuzzware is finally open source! Find the code here: github.com/fuzzware-fuzze… And our experiments here: github.com/fuzzware-fuzze… Feel free to try it out. Let me know if you have any comments/suggestions about the project, or questions about the setup.

This is what DJI’s Drone-ID packets look like. every drone broadcasts this data all the time. we managed to receive + decode the packets over the air. no encryption. (we saw some confusion around that before) merlinchlosta 1/n

From a VR student today on our ROP chain lessons. I'm dying 😂: "This week's been like"

Looks like we can trivially spoof the drone pilot's position (DJI's DroneID transmits the position of both drone and pilot)

1/ CW: Holocaust. Since most of you will never visit Erfurt, a short thread on how engineering prowess devoid of humanity can lead to the most evil kinds of technological progress. A warning for all techies. I'll start in the next tweet for those for whom this is too much. ↵

Interested in #fuzzing browser JIT compilers? @bernhl will present our paper on differential fuzzing to find subtle miscomputation bugs in JS JIT compilers tomorrow at 11:30 in track 1E at ACM CCS 2025 2022! Paper: mu00d8.me/paper/bernhard… cc Tobias Scharnowski Tim Blazytko Thorsten Holz

Interested in drones and their security? Nico Schiller just presented our work at #NDSS23 If you missed the talk, paper’s at ndss-symposium.org/wp-content/upl…

Das Team um Nico Schiller und Thorsten Holz hat die Ergebnisse zur #Drohnen-Sicherheit auf dem @ndsssymposium vorgestellt. Gefördert wurden die Arbeiten von DFG public | @[email protected] im Rahmen von CASA - Cluster of Excellence for Cyber Security und @bmbf_bund. Mehr dazu: news.rub.de/wissenschaft/2…

A novel perspective on fuzzing complex protocols. There are 2 endpoints: a generator producing data and a consumer receiving it. Instead of mutating the inputs for the target program, inject faults into the data generation program so that data is almost of the expected format.

Humbled and grateful that our paper Fuzztruction received a Distinguished Paper Award and was the runner up to the Internet Defense Prize USENIX Security #usesec23 Find the paper at usenix.org/conference/use… Thanks Moritz Schloegel, Tobias Scharnowski, Nico Schiller, Thorsten Holz

Fuzzing is hard, evaluating fuzzing is harder 🔥 For our new IEEE S&P paper, we studied 150 fuzzing evals and found issues such as lackluster documentation, bad experiment setups, or questionable CVEs 📄 Paper mschloegel.me/paper/schloege… 🔧 Help us fix this github.com/fuzz-evaluator…

.Moritz Schloegel et al.: No Peer, no Cry. Network Application Fuzzing via Fault Injection mschloegel.me/paper/bars2024… [PDF]

Check out our upcoming CCS paper on fuzzing network applications! Credit goes to Nils Bars

It's not you, it's the platform. I've been taking a break from Twitter/X. You can follow me at infosec.exchange/@gannimo for unfiltered stuff, linkedin.com/in/mathias-pay… for brags, or bsky.app/profile/gannim…