Suricata War Story
Download our war story on how we found vulnerabilities in a major open-source project using libFuzzer.
In this article, we will show you how we found vulnerabilities in a large open-source project with libFuzzer.
We are talking about suricata, an Intrusion Detection System and Intrusion Prevention System (IDS/IPS). Although the project already uses fuzzing with AFL extensively, we found 14 more bugs in the program code with libFuzzer, 12 of them being critical vulnerabilities (CVEs).
libFuzzer is a powerful tool, but it has a certain complexity. If you are looking for a more user-friendly way, you can read more about CI Fuzz here. Download our Whitepaper to learn more.
You are wondering why fuzzing is gathering so much popularity and looking for more information? Read our blog article.
Download the technical product information sheet. Learn about the underlying technologies and discover product use cases.
In this webinar we will show you how we have found a CVE in the open-source barcode generator ZINT with feedback-based fuzzing.