OpenAI: Yoo-hoo, look over here, we do that security stuff too!

Speaking of Codex: OpenAI on Monday released a Codex Security plugin⁠ that the company says “enables out-of-the-box defensive ...
GitHub

README_artifact.md

This is the implementation of our research paper, "Fuzz4All: Universal Fuzzing with Large Language Models", accepted at ICSE 2024. The purpose of this artifact is to provide a complete, reproducible, ...
IEEE

A Coverage-Guided Fuzzing Method for Automatic Software Vulnerability Detection Using Reinforcement Learning-Enabled Multi-Level Input Mutation

Abstract: Fuzzing is a popular and effective software testing technique that automatically generates or modifies inputs to test the stability and vulnerabilities of a software system, which has been ...
IEEE

TransferFuzz: Fuzzing with Historical Trace for Verifying Propagated Vulnerability Code

Abstract: Code reuse in software development frequently facilitates the spread of vulnerabilities, making the scope of affected software in CVE reports imprecise. Traditional methods primarily focus ...
GitHub

Program Environment Fuzzing (EnvFuzz)

For example, the following demo shows how to fuzz a GUI application using EnvFuzz: [Demo of EnvFuzz fuzzing a GUI application binary (gnome-calculator). First, the app is run normally, and all ...