Download

In this article, we will show you how we found vulnerabilities in a large open-source project with libFuzzer.

We are talking about suricata, an Intrusion Detection System and Intrusion Prevention System (IDS/IPS). Although the project already uses fuzzing with AFL extensively, we found 14 more bugs in the program code with libFuzzer, 12 of them being critical vulnerabilities (CVEs).

libFuzzer is a powerful tool, but it has a certain complexity. If you are looking for a more user-friendly way, you can read more about CI Fuzz here. Download our Whitepaper to learn more.

1571910064-fuzzing-is-so-hot

Magic behind Fuzzing

You are wondering why fuzzing is gathering so much popularity and looking for more information? Read our blog article.

onepager-tech

Technical overview

Download the technical product information sheet. Learn about the underlying technologies and discover product use cases.

ZINT_neu

CVE Hunting

In this webinar we will show you how we have found a CVE in the open-source barcode generator ZINT with feedback-based fuzzing.