CSOonline

What is AI fuzzing? And what tools, threats and challenges generative AI brings

AI fuzzing has expanded beyond machine learning to use generative AI and other advanced techniquesto find vulnerabilities in an application or system. Fuzzing has been around for a while, but it’s ...
Hackaday

Crash IoT Devices Through Protocol Fuzzing

IoT protocols are a relatively unexplored field compared to most PC-exposed protocols – it’s bothersome to need a whole radio setup before you can tinker on something, and often, for low-level ...
IEEE

LSFuzz: Learning Adaptive Seed Selection Strategies for Fuzzing

Abstract: Fuzzing is an efficient automated testing technique for discovering vulnerabilities. It generates and feeds random or pseudo-random data to the target system, aiming to trigger potential ...
IEEE

Multi-Phase Taint Analysis for JSON Inference in Search-Based Fuzzing

Abstract: As software applications grow increasingly complex, particularly in their input formats, testing these applications becomes a challenging endeavour. Automated testing techniques, such as ...
GitHub

Web Fuzzing Commons (WFC): A set of standards and library support for facilitating fuzzing Web APIs.

WFC is aimed at developers of Web API fuzzers, by providing utilities and library support for tasks that are common for all fuzzers. Currently, we focus on REST APIs. But future versions of WFC will ...
GitHub

SHERPA — Security Harness Engineering for Robust Program Analysis

The Problem: Traditional fuzzing targets low-level APIs that attackers rarely reach directly. Real exploits happen at high-level parsers processing attacker-controlled files, packets, and streams.