ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Fuzzing Rust with Shnatsel"
Episode Synopsis
Fuzzing Rust with Shnatsel
In this fresh episode of Security headlines we interview Shnatsel
about rust fuzzing, we jump in the rabbit holes of Rust and fuzzing and
explore the magical world.
In this episode we cover:
Fuzzing in rust
i side track to openbsd ofc
we talk about internal builds
using clippy to inform people about best practices
clippy in Rust CI systems
Rust in enterprise systems
linting in rust
the cargo build system
security exploits
rebuilding binaries
cloud binaries
cargo rfc
cargo fuzz
AFL/american fuzzyloop, hongfuzz, libfuzzer
binaries
dependencies in rust
finding zero days
unmaintained code in production
versions in binaries
auditing binaries
finding bugs in rust, C and C++ code
claiming CVEs
address sanitizer
going beyond address sanitizer to find use after free/Use of uninitialized memory bugs
binary parser
angola fuzzer
memory sanitizer
finding new and interesting bugs in your codebase
rust sub reddit
libdfuzz
External links:
https://github.com/rust-fuzz/auto-fuzz-test
https://github.com/Shnatsel/rust-audit
https://github.com/AngoraFuzzer/Angora
https://web.cs.ucdavis.edu/~hchen/paper/chen2018angora.pdf
https://github.com/rust-fuzz/cargo-fuzz
https://github.com/avadacatavra/unsafe-unicorn
https://rust.firosolutions.com
https://reddit.com/r/Rust
https://lcamtuf.coredump.cx/afl/
https://github.com/rust-fuzz
https://github.com/rust-fuzz/trophy-case
https://blog.firosolutions.com/2020/07/superhero-rust-fuzzing/
In this fresh episode of Security headlines we interview Shnatsel
about rust fuzzing, we jump in the rabbit holes of Rust and fuzzing and
explore the magical world.
In this episode we cover:
Fuzzing in rust
i side track to openbsd ofc
we talk about internal builds
using clippy to inform people about best practices
clippy in Rust CI systems
Rust in enterprise systems
linting in rust
the cargo build system
security exploits
rebuilding binaries
cloud binaries
cargo rfc
cargo fuzz
AFL/american fuzzyloop, hongfuzz, libfuzzer
binaries
dependencies in rust
finding zero days
unmaintained code in production
versions in binaries
auditing binaries
finding bugs in rust, C and C++ code
claiming CVEs
address sanitizer
going beyond address sanitizer to find use after free/Use of uninitialized memory bugs
binary parser
angola fuzzer
memory sanitizer
finding new and interesting bugs in your codebase
rust sub reddit
libdfuzz
External links:
https://github.com/rust-fuzz/auto-fuzz-test
https://github.com/Shnatsel/rust-audit
https://github.com/AngoraFuzzer/Angora
https://web.cs.ucdavis.edu/~hchen/paper/chen2018angora.pdf
https://github.com/rust-fuzz/cargo-fuzz
https://github.com/avadacatavra/unsafe-unicorn
https://rust.firosolutions.com
https://reddit.com/r/Rust
https://lcamtuf.coredump.cx/afl/
https://github.com/rust-fuzz
https://github.com/rust-fuzz/trophy-case
https://blog.firosolutions.com/2020/07/superhero-rust-fuzzing/
More episodes of the podcast Security Headlines
Introducing Hacker Talk
03/03/2022
Fuzzing with Patrick Ventuzelo
24/10/2021
Osint Special with Jay Townsend
17/08/2021
Security Headlines with Kolja Weber
19/01/2021
ChalmersCTF with Michael Dubell
17/12/2020
Security Headlines with Antoine Jacoutot
04/12/2020
DynaGuard Special
30/11/2020
Security Headlines with Jonas Lejon
20/11/2020
Security Headlines with Johan Rydberg Moller
13/11/2020
Security Headlines with Eijah
06/11/2020
In God we trust