
[Share] A few notes on fuzzing

2019-3-11 20:37 5986


A few notes on fuzzing

Preface

Actually, I meant to write this summary at the end of last year, but people tend to procrastinate, and once you start putting things off, who knows when you get to them.

As the ancients said, when you reach a dead end you have to change. So I am taking the opportunity to organize the learning path I followed earlier; I can then update this article (on the topic of fuzzing) periodically.

Some sources of security industry news

Fuzzing books

Fuzzer classification

  1. By injection vector / attack vector

     Applications
       • Server side
       • Client side
       • File / media
           - graphics libraries
           - memory handling
           - OS system calls
           - network APIs
       • File systems: NFS, CIFS, iSCSI, RPC
       • Apps / GUI: OSI application layer
       • Bluetooth / wireless protocols: wireless data-link layer

  2. By test-case complexity

     Input -> software layers: decoding / syntax validation / semantic validation

     a. Static / random template-based fuzzers => request-response protocols, file formats

     b. Block-based fuzzers => checksums / length-value checks

     c. Dynamic generation / evolution-based fuzzers => no need to understand the protocol or file format; feedback-driven

     d. Model-based / simulation-based fuzzers

(The definitions above are from the Fuzzing for Software Security Testing book.)

  • Alternatively, fuzzers can be split as follows:
    1. generation-based vs. mutation-based fuzzers
    2. input-aware / program-aware vs. unaware fuzzers

Fuzzing tutorials / approaches / articles

Some blog sites

https://blog.fuzzing-project.org/archive The Fuzzing Project
https://googleprojectzero.blogspot.com Google Project Zero team blog
https://blog.talosintelligence.com Talos blog
https://www.zerodayinitiative.com/blog/ ZDI blog
https://www.peerlyst.com/posts/the-fuzzing-wiki-learning-to-fuzz-better-peerlyst fuzzing wiki
https://github.com/search?q=fuzz&type=Topics related topics on GitHub
https://blog.gdssecurity.com/labs/tag/fuzzing
http://pentestit.com/category/fuzzing/
https://blog.trailofbits.com/category/fuzzing/
https://blog.exodusintel.com
https://alexgaynor.net/

Below I have roughly sorted the links by a few criteria; the grouping may not be very accurate and I will keep updating it.

Fuzzing principles / methodology

https://github.com/google/fuzzer-test-suite/blob/master/tutorial/structure-aware-fuzzing.md structure-aware fuzzing
https://barro.github.io/2018/06/afl-fuzz-on-different-file-systems/ afl-fuzz on different file systems
https://doar-e.github.io/blog/2016/11/27/clang-and-passes/ afl-clang-fast
https://guidovranken.com/2017/07/08/libfuzzer-gv-new-techniques-for-dramatically-faster-fuzzing/ speeding up fuzzing (this blog is worth following)
https://guidovranken.files.wordpress.com/2018/07/vrankenfuzz.pdf VrankenFuzz
https://bbs.pediy.com/thread-247954.htm 泉哥's article series on honggfuzz internals
https://bbs.pediy.com/thread-218671.htm AFL source code walkthrough
https://bbs.pediy.com/thread-249912.htm AFL internals explained
https://bbs.pediy.com/thread-246235.htm notes on reading the code of driller, angr and AFL, with test cases
https://www.fastly.com/blog/how-bootstrap-self-service-continuous-fuzzing continuous fuzzing
https://zubu.re/blog/fuzzing-automation-with-afl-and-jenkins/ building a fuzzing pipeline with AFL + Jenkins
https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html in-process fuzzing
https://lafintel.wordpress.com/2016/08/15/circumventing-fuzzing-roadblocks-with-compiler-transformations/ compiler transformations to increase fuzzing coverage
https://gamozolabs.github.io/fuzzing/2018/09/16/scaling_afl.html scaling AFL fuzzing speed (256 threads)
https://speakerdeck.com/craigstuntz/high-speed-bug-discovery-with-fuzzing high-speed fuzzing
https://repret.wordpress.com/2017/05/01/improving-coverage-guided-fuzzing-using-static-analysis/ improving coverage-guided fuzzing with static analysis
https://www.softscheck.com/en/identifying-security-vulnerabilities-with-cloud-fuzzing/ finding security vulnerabilities with cloud fuzzing
https://payatu.com/cloudfuzz-machine-learning-powered-content-specific-input-generation-fuzzing/ machine learning + generation-based CloudFuzz
https://blog.regehr.org/archives/1269 API fuzzing vs. file fuzzing
https://blog.vectra.ai/blog/triggering-ms16-030-via-targeted-fuzzing triggering MS16-030 via targeted fuzzing
https://bbs.pediy.com/thread-176416.htm dragonltx's Peach tutorial series
https://www.kitploit.com/2016/07/peach-fuzz-vulnerability-scanning.html Peach fuzzing tutorial
https://spin.atomicobject.com/2015/08/23/fuzz-testing-american-fuzzy-lop/ afl-fuzz test
https://lwn.net/Articles/657959/ AFL fuzzing tutorial
https://github.com/bnagy/slides/blob/master/fuzzing_without_pub.pdf afl-fuzz
http://moyix.blogspot.com/2016/07/fuzzing-with-afl-is-an-art.html AFL fuzzing tutorial, including an introduction to AFL internals
https://foxglovesecurity.com/2016/03/15/fuzzing-workflows-a-fuzz-job-from-start-to-finish/ a detailed article on the afl-fuzz workflow
http://blog.knownsec.com/2016/07/some-unique-fuzzing applying fuzzing to unconventional bug hunting
https://github.com/tinysec/public/blob/master/article/about_fuzz/about_fuzz_cn.md some thoughts on fuzzing
https://devblogs.microsoft.com/dotnet/project-springfield-a-cloud-service-built-entirely-in-f/ fuzzing-as-a-service
https://www.slideshare.net/phdays/google-chrome-62582929 ClusterFuzz for Google Chrome
https://cybersecpolitics.blogspot.com/2016/05/the-common-thread-fuzzing-bug-triage.html an Infiltrate talk on fuzzing
http://t.cn/RqiOtLX automatically locating the root cause of crashes found during fuzzing
https://lcamtuf.blogspot.com/2016/02/say-hello-to-afl-analyze.html introduction to the afl-analyze tool
https://hackernoon.com/afl-unicorn-fuzzing-arbitrary-binary-code-563ca28936bf afl-unicorn: fuzzing arbitrary binary code
https://blog.trailofbits.com/2018/10/05/how-to-spot-good-fuzzing-research/ what good fuzzing research looks like

File-format fuzzing

https://bbs.pediy.com/thread-249912.htm AFL fuzzing UPX
https://bbs.pediy.com/thread-248622.htm honggfuzz fuzzing Apache httpd
https://research.checkpoint.com/extracting-code-execution-from-winrar/ WinAFL fuzzing WinRAR
https://research.checkpoint.com/50-adobe-cves-in-50-days/ WinAFL fuzzing Adobe Reader
https://blog.path.network/fuzzing-cs-go-bsp-files/ BFF fuzzing CS:GO BSP files
https://github.com/knownsec/KCon/blob/master/2018/26%E6%97%A5/26%E6%97%A5No.10-PDF%20%20JS%E5%BC%95%E6%93%8E%E4%BA%A4%E4%BA%92%E5%BC%8FFuzzing-%E9%BB%91%E5%93%A5%26swan.pdf interactive fuzzing of PDF JS engines
https://blahcat.github.io/2018/03/11/fuzzing-arbitrary-functions-in-elf-binaries/ fuzzing arbitrary functions in ELF binaries
https://www.zerodayinitiative.com/blog/2017/10/17/wrapping-the-converter-within-foxit-reader ZDI fuzzing Adobe Reader
https://symeonp.github.io/2017/09/17/fuzzing-winafl.html WinAFL fuzzing msxml6
https://github.com/lcatro/Fuzzing-ImageMagick fuzzing ImageMagick
https://blog.adacore.com/running-american-fuzzy-lop-on-your-ada-code fuzzing the Zip-Ada compression library
https://www.zerodayinitiative.com/blog/2017/5/4/auditing-adobe-reader-the-open-source-attack-surface-in-closed-source-software Adobe Reader: the open-source attack surface inside closed-source software
https://da-data.blogspot.com/2017/01/finding-bugs-in-tensorflow-with.html fuzzing TensorFlow
https://www.peter.hartmann.tk/single-post/2016/11/29/Fuzzing-Qt-with-libFuzzer libFuzzer fuzzing Qt
https://int21.de/slides/qtcon-fuzzing AFL + ASan fuzzing tutorial
https://mgba.io/2016/09/13/fuzzing-emulators/ fuzzing emulators, and much more
https://security.tencent.com/index.php/blog/msg/35 on file-parsing vulnerabilities in bug hunting, by TSRC
http://www.agarri.fr/kom/archives/2013/02/25/mutation-based_fuzzing_of_xslt_engines/index.html mutation-based fuzzing of XSLT engines
http://caolanm.blogspot.com/2015/10/finding-ui-crashes-by-fuzzing-input.html finding UI crashes with AFL by fuzzing input events
https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/ fuzzing an open-source antivirus engine

Browser fuzzing

https://www.kitploit.com/2018/11/bfuzz-fuzzing-browsers-chrome-firefox.html BFuzz browser fuzzing
https://bugid.skylined.nl/20181017001.html browser fuzzing (domato)
http://blog.ret2.io/2018/07/25/pwn2own-2018-safari-sandbox/ fuzzing Safari
https://sigpwn.io/blog/2018/5/13/adding-afl-bloom-filter-to-domato-for-fun AFL + domato fuzzing IE 11
https://drive.google.com/file/d/0B4ZwSwfSILSIcWhzY1NnY0lrNEk/view fuzzing browsers for exploitable bugs
https://sensepost.com/blog/2015/wadi-fuzzer/ wadi browser fuzzer

Network protocol / crypto fuzzing

http://blog.swiecki.net/2018/01/fuzzing-tcp-servers.html fuzzing TCP servers
http://riscy.business/2018/05/making-a-fuzzer/ fuzzing an SSH client
https://webrtchacks.com/fuzzing-janus/ fuzzing Janus
https://animal0day.blogspot.com/2017/07/from-fuzzing-apache-httpd-server-to-cve.html fuzzing Apache httpd
https://guidovranken.com/2017/06/21/the-openvpn-post-audit-bug-bonanza fuzzing OpenVPN
https://sensepost.com/blog/2017/fuzzing-apache-httpd-server-with-american-fuzzy-lop-%2B-persistent-mode/ fuzzing Apache httpd
https://blog.blazeinfosec.com/fuzzing-proprietary-protocols-with-scapy-radamsa-and-a-handful-of-pcaps/ fuzzing proprietary protocols with Scapy, Radamsa and pcaps
https://animal0day.blogspot.com/2017/05/fuzzing-apache-httpd-server-with.html fuzzing Apache httpd
https://blog.acolyer.org/2017/06/09/node-fz-fuzzing-the-server-side-event-driven-architecture/ Node.fz: fuzzing the server-side event-driven architecture
http://www.vegardno.net/2017/03/fuzzing-openssh-daemon-using-afl.html fuzzing OpenSSL
https://blog.gdssecurity.com/labs/2015/9/21/fuzzing-the-mbed-tls-library.html fuzzing the mbed TLS library
https://www.fastly.com/blog/how-fuzz-server-american-fuzzy-lop fuzzing DNS
https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing fuzzing the Apache HTTP/2 server
https://blog.skullsecurity.org/2015/how-i-nearly-almost-saved-the-internet-starring-afl-fuzz-and-dnsmasq fuzzing dnsmasq
https://blog.cloudflare.com/dns-parser-meet-go-fuzzer/ Cloudflare fuzzing the parser of their Go-based DNS server
https://blog.trailofbits.com/2018/03/09/echidna-a-smart-fuzzer-for-ethereum/ Echidna: a smart fuzzer for Ethereum

System / kernel fuzzing

https://trapmine.com/blog/from-0-to-ring0day-sifirdan-ioctl-fuzzing-ve-kernel-zafiyet-kesfi/ IOCTL fuzzing
http://t.cn/EMqW1a7 syzkaller fuzzing USB
https://www.kitploit.com/2017/12/difuze-fuzzer-for-linux-kernel-drivers.html fuzzing Linux kernel drivers
https://www.slideshare.net/PeterHlavaty/you-didnt-see-its-coming-dawn-of-hardened-windows-kernel Keen Lab (科恩) on Windows kernel fuzzing
https://labs.mwrinfosecurity.com/publications/platform-agnostic-kernel-fuzzing kernel fuzzing
https://speakerdeck.com/marcograss/50-shades-of-fuzzing Keen Lab's VM / win32k fuzzing
https://lwn.net/Articles/677764/ coverage-guided kernel fuzzing with syzkaller

Text-processing fuzzing

https://sigpwn.io/blog/2018/1/29/using-winafl-to-fuzz-hangul-appshield WinAFL fuzzing HWP (a Korean word processor)
https://kciredor.com/fuzzing-adobe-reader-for-exploitable-vulns-fun-not-profit.html WinAFL fuzzing Adobe Reader
https://github.com/0xSobky/HackVault/wiki/Regaxor:-Fuzzing-Regexes-for-Fun-and-Not%E2%80%90So%E2%80%90Much-Profit fuzzing regular expressions
https://j00ru.vexillium.org/2015/09/44c······on-slides-and-details-about-further-windows-kernel-font-vulnerabilities/ Windows kernel font fuzzing
https://yahoo-security.tumblr.com/post/123981052855/font-parsing-vulnerabilities font fuzzing
https://www.evonide.com/fuzzing-unserialize/ fuzzing unserialize
https://grepharder.github.io/blog/0x03_learning_about_universal_links_and_fuzzing_url_schemes_on_ios_with_frida.html fuzzing URL schemes
https://portswigger.net/blog/unearthing-zalgoscript-with-visual-fuzzing visual fuzzing

Compiler / interpreter fuzzing

http://www.vegardno.net/2018/06/compiler-fuzzing.html compiler fuzzing
https://johanengelen.github.io/ldc/2018/01/14/Fuzzing-with-LDC.html fuzzing the D compiler
https://go-talks.appspot.com/github.com/dvyukov/go-fuzz/slides/fuzzing fuzzing Go
https://www.modzero.ch/modlog/archives/2018/09/20/java_bugs_with_and_without_fuzzing/index.html fuzzing Java
https://vimeo.com/141698770 automated testing with go-fuzz (video)
https://toastedcornflakes.github.io/articles/fuzzing_capstone_with_afl.html fuzzing Capstone
https://www.slideshare.net/logicaltrust/torturing-the-php-interpreter fuzzing PHP
https://sean.heelan.io/2016/04/26/fuzzing-language-interpreters-using-regression-tests/ fuzzing language interpreters using regression tests

Hardware / IoT fuzzing

https://medium.com/tenable-techblog/plc-bug-hunt-fa3a0aeae9ab PLC bug hunting
https://www.mdsec.co.uk/2017/05/hacking-hardware-with-an-arduino/ hardware fuzzing
https://cn0xroot.com/2017/01/10/iot-mode-fuzzing-with-openbt/ fuzzing IoT modules with an OpenBTS base station
http://zhodiac.hispahack.com/index.php?section=blog&day=6&month=7&year=2015 IoTkit fuzzing
http://blog.knownsec.com/2016/01/vxworks-real-time-operation-system-fuzzing/ fuzzing an industrial real-time operating system
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/insight-into-home-automation-reveals-vulnerability-in-simple-iot-product fuzzing UPnP

Android / mobile fuzzing

https://gamozolabs.github.io/fuzzing/2018/10/18/terrible_android_fuzzer.html an Android fuzzer
https://www.twistlock.com/2017/06/25/alpine-linux-pt-1-2/ fuzzing APKs
https://census-labs.com/news/2015/09/24/efficient-android-fuzzing/ efficient Android fuzzing

Virtualization fuzzing

https://insinuator.net/2018/11/h2hc2018/
http://www.alex-ionescu.com/?m=201901 two posts on fuzzing in Hyper-V

Web application fuzzing

http://blog.securelayer7.net/automating-web-apps-input-fuzzing-via-burp-macros/ automating web app input fuzzing with Burp macros
https://www.kitploit.com/2017/06/xsstrike-fuzz-and-bruteforce-parameters.html XSS fuzzing
https://www.kitploit.com/2016/12/filebuster-extremely-fast-and-flexible.html filebuster web fuzzer
https://www.darknet.org.uk/2015/11/0d1n-web-http-fuzzing-tool/ web HTTP fuzzing

PS: a large part of this section comes from 玄武实验室 (Xuanwu Lab)'s sec.today. I decided to organize it anyway, since organizing is itself a form of learning: it clears up my own thinking and gives a deeper sense of how fuzzing has progressed in recent years.

Slides / PDFs / conferences

Tools (GitHub)

The links below are roughly categorized; I will keep updating them.

Group 1

https://www.peerlyst.com/posts/resource-open-source-fuzzers-list?trk=search_page_search_result list of open-source fuzzers
https://github.com/wmliang/pe-afl static binary instrumentation + WinAFL
https://github.com/aflgo/aflgo grey-box testing
http://honggfuzz.com/ honggfuzz
https://github.com/googleprojectzero/winafl AFL for Windows
https://github.com/rust-fuzz/afl.rs AFL fuzzing for Rust
https://github.com/mrash/afl-cov afl-cov: collect coverage information
https://github.com/tunz/afl-fuzz-js afl-fuzz for JavaScript
https://github.com/bnagy/afl-trivia small utilities
https://gitlab.com/rc0r/afl-utils AFL helper utilities
http://blog.llvm.org/2015/04/fuzz-all-clangs.html libFuzzer
http://t.cn/EMqeTq1 WinAFL slides
https://github.com/bnagy/afl-launch
https://github.com/dor1s/libfuzzer-workshop fuzzing workshop for modern C/C++ projects
https://github.com/google/fuzzer-test-suite
https://github.com/google/libprotobuf-mutator structured fuzzing
https://github.com/ouspg/libfuzzerfication using libFuzzer to fuzz popular projects and applications
https://github.com/brandonprry/ical-fuzz results of fuzzing the libical library
https://github.com/carlosgprado/NaFl NaFl: "not AFL"
https://github.com/mozillasecurity/dharma generation-based, context-free grammar fuzzer
http://mozillasecurity.github.io/peach/ Peach fuzzing framework
https://github.com/guidovranken/libfuzzer-java fuzzing Java
https://github.com/mozilla/nss-fuzzing-corpus corpus used as input for NSS fuzzing targets
https://github.com/googleprojectzero/domato grammar-based test-case generation
https://github.com/Battelle/afl-unicorn fuzz any piece of binary that can be emulated by Unicorn Engine

Group 2

https://github.com/gamozolabs/applepie a hypervisor for fuzzing built with WHVP and Bochs
https://github.com/AngoraFuzzer/Angora mutation-based fuzzer whose main goal is to increase branch coverage by constraint solving (without symbolic execution)
https://github.com/debasishm89/dotNetFuzz .NET deserialization fuzzer
https://github.com/googleprojectzero/BrokenType TrueType / OpenType font fuzzing
https://github.com/x41sec/x41-smartcard-fuzzing x41 smart-card fuzzing
https://github.com/riverloopsec/tumblerf RF fuzzing framework
https://github.com/andresriancho/websocket-fuzzer HTML5 WebSocket message fuzzer
https://github.com/MozillaSecurity/funfuzz fuzzers for testing the SpiderMonkey JS engine
https://github.com/RootUp/BFuzz BFuzz browser fuzzing with domato-generated samples
https://github.com/sensepost/wadi Python fuzzing harness for Win10 Edge
https://github.com/compilingEntropy/fuzzycactus on-device automated fuzzing of MobileSafari
https://github.com/CoolerVoid/0d1n HTTP/S fuzzing
https://github.com/1N3/BlackWidow fuzzing for common OWASP vulnerabilities
https://github.com/fuzzdb-project/fuzzdb fuzzdb application fuzzing payload library
https://github.com/bugbountyforum/XSS-Radar XSS fuzzing
https://github.com/s0md3v/XSStrike XSS fuzzing
https://github.com/denandz/fuzzotron fuzzer for TCP/UDP network daemons
https://github.com/dekimir/RamFuzz unit tests + fuzzing + deep learning
https://github.com/julieeen/kleefl symbolic input generation for fuzzers
https://github.com/hannob/bignum-fuzz bignum fuzzing
https://github.com/kudelskisecurity/cdf cryptographic differential fuzzing
https://github.com/nezha-dt/nezha differential fuzzing
https://github.com/jtpereyda/boofuzz network protocol fuzzing framework
https://github.com/niloofarkheirkhah/nili network scanning, MITM, protocol reversing and fuzzing
https://github.com/jaybosamiya/fuzzing-numpy fuzzing numpy
https://github.com/debasishm89/OpenXMolar Microsoft Open XML file-format fuzzing
https://github.com/vusec/vuzzer
https://github.com/dyjakan/interpreter-bugs results from fuzzing interpreters
https://github.com/vspandan/IFuzzer
https://github.com/xoreaxeaxeax/sandsifter x86 processor fuzzer
https://github.com/Rootkitsmm/Borland-AccuRev-StackoverFlow
https://github.com/payatu/EMFFuzzer metafile fuzzing framework built on the Peach framework
https://github.com/mseclab/PyJFuzz Python JSON fuzzer
https://github.com/cisco-sas/kitty Python fuzzing framework
https://github.com/renatahodovan/fuzzinator Fuzzinator random testing framework
https://github.com/carlosgprado/BrundleFuzz/wiki distributed DBI-based fuzzing framework for Windows/Linux
https://github.com/ajinabraham/Droid-Application-Fuzz-Framework Android fuzzing framework
https://github.com/mit-ll/LL-Fuzzer NFC fuzzing for Android devices
https://github.com/mwrlabs/drozer-modules Android testing framework from MWR Labs
https://github.com/nccgroup/umap2 USB fuzzing
https://github.com/schumilo/vUSBf KVM/QEMU-based USB fuzzing framework
https://github.com/joxeankoret/nightmare distributed fuzzing suite with a web management interface
https://github.com/hbowden/nextgen file, syscall and network fuzzer
https://github.com/Rootkitsmm/Win32k-Fuzzer win32k fuzzer
https://github.com/nccgroup/TriforceOpenBSDFuzzer syscall fuzzing

Fuzz test cases / seeds (file formats)

  1. Common seed corpus sites:

... mostly accumulated over time

Other ways to obtain seeds:

  1. Format conversion: derive them from other formats, e.g. images / document formats;

  2. Crawling: collect at scale from the Internet, then minimize;

  3. The test suite / corpus / testdata shipped with the project (or similar projects);

  4. Historical PoCs and regression test cases (e.g. openjpeg-fuzzdata);

  5. Grammar-based: define rules to generate test cases, a typical example being domato.

Test-case deduplication

  • afl-cmin and afl-tmin, which ship with AFL

Thoughts on fuzzing work

Many of the blog posts above already explain how to fuzz quite clearly, so here I only describe my own experience:

First pick a class of targets and check whether someone has fuzzed it before; if so, decide whether it is worth reproducing their process.

If it is, try to reproduce it, then see whether you can improve on it and fuzz along your own lines; if nobody has done it before, a rough look is enough.

  1. Pick the fuzzing target and identify its attack surface;

  2. Choose a fuzzer suited to that class of target, set up the environment, and start fuzzing;

  3. Based on the fuzzing results, evaluate and summarize the work so far and decide the next direction.

  • For complex software systems (browsers, for example), the preparation before fuzzing is likely to be long: you need a rough plan and an idea of which modules do or may have problems, which makes the later steps easier.

Closing words

As the security industry matures, bug hunting is becoming harder and harder. In my view, whether or not you end up finding a bug, the real fun of security research lies in continuously learning, improving yourself and growing together with like-minded friends. In short, be happy!




Last edited 2019-3-18 23:44 by fyb波, reason: update
Latest replies (22)
Maccha 2019-3-11 20:52
Saving this to read through slowly

wyfe 2019-3-11 21:01
Learning, very nice

八岛 2019-3-12 01:59
Thanks

houjingyi 2019-3-12 10:08
Very comprehensive, thanks

CCkicker 2019-3-12 10:58
Thanks for sharing!

Editor 2019-3-12 11:03
Thanks for sharing~

fyb波 2019-3-12 11:04
If anyone has suggestions, or spots errors in the article, please point them out and I will update and correct it

编程小白 2019-3-12 21:03
mark

smartdon 2019-3-13 09:50
Thanks OP

wonderzdh 2019-3-13 11:12
Leaving my name here

AJISky 2019-3-14 14:35
Bookmarking first. By the way, a question: how do you fuzz a function that takes parameters (of varying types, some memory addresses, some constants)? Preparing the parameters does not seem easy.

fyb波 2019-3-14 16:44
Like libFuzzer does: write a function that generates the parameters itself, then mutate and fuzz. Would that work?
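An added example (not from the thread) of what that reply suggests: a libFuzzer-style harness that carves typed arguments, a constant chosen from a fixed set, an integer, and a pointer+length buffer, out of the raw byte stream. The function under test, target_lookup(), and its Mode constants are hypothetical stand-ins; only the argument-carving logic is the point.

```cpp
// Added example: carve structured arguments for a target function out of
// the fuzzer's byte stream, libFuzzer-style. target_lookup() and Mode are
// hypothetical stand-ins for a real target and its accepted constants.
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Constants the (hypothetical) target accepts.
enum Mode : uint32_t { MODE_RAW = 0, MODE_HEX = 1, MODE_B64 = 2 };

struct Args {
    Mode mode;                 // one of a fixed set of constants
    uint32_t max_len;          // a plain integer parameter
    std::vector<uint8_t> buf;  // a "memory address" parameter: pointer + length
};

// Carve arguments out of the raw input. Returns false when the input is too
// short to fill the fixed header, so the harness can reject it without a crash.
bool carve_args(const uint8_t *data, size_t size, Args &out) {
    const size_t header = 1 + sizeof(uint32_t);
    if (size < header) return false;
    // Reduce one byte modulo the number of choices: every byte value maps to
    // a valid constant, and the fuzzer can still switch modes by mutating it.
    out.mode = static_cast<Mode>(data[0] % 3);
    // Integer parameter read as raw little-endian bytes (host byte order).
    std::memcpy(&out.max_len, data + 1, sizeof(uint32_t));
    // Everything after the header becomes the buffer the target gets a pointer to.
    out.buf.assign(data + header, data + size);
    return true;
}

// Hypothetical target: folds at most max_len bytes of p, decoding per mode.
int target_lookup(Mode mode, const uint8_t *p, size_t n, uint32_t max_len) {
    size_t limit = n < max_len ? n : max_len;
    int acc = 0;
    for (size_t i = 0; i < limit; i++)
        acc += (mode == MODE_HEX) ? (p[i] & 0x0f) : p[i];
    return acc;
}

// libFuzzer entry point; building with -fsanitize=fuzzer supplies main().
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    Args a;
    if (!carve_args(data, size, a)) return 0;
    target_lookup(a.mode, a.buf.data(), a.buf.size(), a.max_len);
    return 0;
}
```

libFuzzer also ships a FuzzedDataProvider helper that does this kind of carving for you; the hand-rolled version above just makes the idea visible.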
小熊ppt 2019-3-17 17:20
Mark, studying it

fyb波 2019-3-19 22:20
I have updated the article with links to the two ebooks mentioned; if that infringes copyright, I will remove them
Last edited 2019-3-19 22:20 by fyb波, reason:

pureGavin 2019-3-25 20:55
mark, thanks for the hard work OP

zoniony 2019-3-26 07:31
Thanks for putting this together

maomaolk 2019-4-3 14:39
mark

Concord 2019-4-7 15:07
mark

weishi 2019-4-9 15:29
mark, a long road ahead, thanks for sharing

ReeHeiHei 2019-4-23 15:12
mark, thanks for sharing

音货得福 2019-4-23 18:10
Good article, thanks

从黎明到衰落 2019-5-7 16:11
Mark, thanks for sharing