Blog

Latest Post

Nov 26, 2021

Fuzzing101 with LibAFL - Part IV: Fuzzing LibTIFF

Twitter user Antonio Morales created the Fuzzing101 repository in August of 2021. In the repo, he has created exercises and solutions meant to teach the basics of fuzzing to anyone who wants to learn how to find vulnerabilities in real software projects. The repo focuses on AFL++ usage, but this series of posts aims to solve the exercises using LibAFL instead. We’ll be exploring the library and writing fuzzers in Rust in order to solve the challenges in a way that closely aligns with the suggested AFL++ usage. Read more

All Posts

  • Fuzzing101 with LibAFL - Part IV: Fuzzing LibTIFF - Nov 26, 2021
  • Fuzzing101 with LibAFL - Part III: Fuzzing tcpdump - Nov 26, 2021
  • Fuzzing101 with LibAFL - Part II: Fuzzing libexif - Nov 20, 2021
  • Fuzzing101 with LibAFL - Part I.V: Speed Improvements to Part I - Nov 14, 2021
  • Fuzzing101 with LibAFL - Part I: Fuzzing Xpdf - Nov 7, 2021
  • Course Review - Offensive Security's Windows User Mode Exploit Development (EXP-301/OSED) - Jun 16, 2021
  • OSCE Exam Practice - Part IX (LTER via SEH Overwrite w/ Restricted Character Set) - May 25, 2020
  • OSCE Exam Practice - Part VIII (LTER via EIP Overwrite w/ Restricted Character Set) - May 24, 2020
  • OSCE Exam Practice - Part VII (GTER via EIP Overwrite w/ Socket Reuse Payload) - May 22, 2020
  • OSCE Exam Practice - Part VI (HTER via EIP Overwrite w/ Restricted Character Set) - May 21, 2020
  • OSCE Exam Practice - Part V (KSTET via 3-stage Shellcode) - May 19, 2020
  • OSCE Exam Practice - Part IV (GMON via SEH Overwrite w/ Stack Pivot) - May 18, 2020
  • OSCE Exam Practice - Part III (GMON via SEH Overwrite w/ Egg Hunter) - May 14, 2020
  • OSCE Exam Practice - Part II (TRUN via EIP Overwrite) - May 14, 2020
  • OSCE Exam Practice - Part I (Lab Setup) - May 13, 2020
  • How to Build an Automated Recon Pipeline with Python and Luigi - Part VI (Wrapping Up) - Jan 22, 2020
  • How to Build an Automated Recon Pipeline with Python and Luigi - Part V (Web Scanning) - Jan 22, 2020
  • How to Build an Automated Recon Pipeline with Python and Luigi - Part IV (Subdomain Enumeration) - Jan 22, 2020
  • How to Build an Automated Recon Pipeline with Python and Luigi - Part III (Port Scanning II) - Jan 22, 2020
  • How to Build an Automated Recon Pipeline with Python and Luigi - Part II (Port Scanning I) - Jan 22, 2020
  • How to Build an Automated Recon Pipeline with Python and Luigi - Part I (Setup and Scope) - Jan 22, 2020
  • Kringlecon 2 Turtle Doves (2019) - Jan 14, 2020
  • HTB{ ellingson } - Oct 19, 2019
  • HTB{ Swagshop } - Sep 28, 2019
  • HTB{ onetwoseven } - Aug 31, 2019
  • How to Hunt Bugs in SAML; a Methodology - Part III - Apr 24, 2019
  • How to Hunt Bugs in SAML; a Methodology - Part II - Apr 24, 2019
  • How to Hunt Bugs in SAML; a Methodology - Part I - Apr 24, 2019
  • HTB{ Vault } - Apr 6, 2019
  • HTB{ Curling } - Mar 30, 2019
  • HTB{ Frolic } - Mar 23, 2019
  • HTB{ Access } - Mar 2, 2019
  • HTB{ Zipper } - Feb 23, 2019
  • HTB{ Giddy } - Feb 16, 2019
  • HTB{ Ypuffy } - Sep 15, 2018
  • HTB{ Reddish } - Jan 26, 2019
  • HTB{ Mischief } - Jan 5, 2019
  • HTB{ Smasher } - Nov 24, 2018
  • HTB{ Jerry } - Nov 17, 2018
  • HTB{ Reel } - Nov 10, 2018
  • HTB{ Dropzone } - Nov 3, 2018
  • HTB{ Tartarsauce } - Oct 20, 2018
  • HTB{ DevOops } - Oct 13, 2018
  • Hacktoberfest 2018 - First Time Participant - Oct 7, 2018
  • HTB{ Sunday } - Sep 29, 2018
  • HTB{ Olympus } - Sep 19, 2018
  • HTB{ Canape } - Sep 15, 2018
  • Python3 Asymmetric Shellcode Crypter and Decrypter - Aug 8, 2018
  • X64 Linux Shellcode Polymorphism - Aug 7, 2018
  • X64 Linux Metasploit XOR Encoded Reverse TCP Shell Analysis - Aug 5, 2018
  • X64 Linux Metasploit execve /bin/sh Shellcode Analysis - Aug 4, 2018
  • X64 Linux Metasploit TCP Bind Shell Analysis - Aug 3, 2018
  • Python3 Rolling XOR Encoder with X64 Decoder Stub - Aug 1, 2018
  • X64 Linux Egghunter Shellcode - Jul 29, 2018
  • X64 Linux Reverse TCP Shellcode with Authentication - Jul 25, 2018
  • X64 Linux Bind TCP Shellcode with Authentication - Jul 22, 2018
  • X64 Linux Assembly Environment Setup - Jul 22, 2018
  • My .bashrc - Jul 18, 2018
  • My .vimrc - Jul 16, 2018
  • jmp-call-pop Technique - Jul 15, 2018