Giter Site home page Giter Site logo

source-and-fuzzing's Introduction

How to Read Source and Fuzzing

1-4 章主要是一些阅读源码和Fuzzing 编写经验,章节里面结合了大量真实的例子,包括阅读源码和Fuzzer 编写的例子

5-6 章主要介绍程序分析的原理

8-10 章更进一步深入符号执行的工具

附录1 主要介绍使用工具进行Fuzzing

附录2 主要介绍从零开始如何编写Fuzzer

附录3 主要介绍从零开始编写一个符号执行工具

1.Github

2.Fuzzing 模糊测试之数据输入

3.Fuzzing 模糊测试之异常检测

4.阅读源码

5.程序编译原理

6.静态程序分析原理

7.动态程序分析原理

8.玩转LLVM

9.KLEE符号执行框架

10.Driller:Fuzzing 和符号执行的结合 -- 正在更新

12.深入解析libfuzzer与asan.md

13.逻辑漏洞自动化实践,检验逻辑漏洞主要思路是判断状态是否在预期之内(对于不同类型的漏洞来说,都属于有限状态机),比如越权漏洞,用cookie控制请求状态与机器学习算法识别页面的输出是否有敏感数据(非敏感数据不认为是有效的信息泄漏).

-- 附录 --

P1.Fuzzing ImageMagick

P2.WASM Fuzzer 编写实例 -- 正在更新

P3.符号执行与智能合约审计 for KCON & TenSec

P4.REX 框架与Auto Exploit Generation 符号执行原理

P5.脑图挖洞案例,快速且低成本地从零开始弄懂框架与漏洞在框架中的表现形式

脑图预览:

Think代码分析.emmx (使用MindMaster打开,值得一读)

hyper-v vmswitch debug.emmx (使用MindMaster打开,值得一读)

-- 快速上手挖洞思路概述 --

End

source-and-fuzzing's People

Contributors

lcatro avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

omasko insightglacier ast-interview wha000tif evilning b1gw00d zzcentury sucof explife0011 saulty4ish blueroutecn r0cu3 fuzzamos sjl421 0x24bin yan-1-20 yangy-xiao luka077 ith4cker m-star-coder 4sec-top johnnyxxy rudrasingh99 urmyfaith 5up3rc harry1080 re-expoc willinin aaeolus iiiusky supjerk chuangshizhiqiang zhengminghui1234 evilares stop1992 useafter hpplinux freemanzyq ver007 tortelee m00zh33 fengjixuchui imulmul toygang liu-xiaoli sigma-random attackgithub thatqier xiaoxiongwang ping328 hyrathon kungia09 miy1z1ki willsmith2016 giantbranchcollect diablo0822 kiritowch zytmatrix killvxk r17a-17 inarcissuss jackery001 303donatello thurday jrjang cybermonitor daydayup40 27story goodday123 key20 c0de3 ghosts1995 sireof owiofwm2i yved vvck001 zfeixq l34rner kingking888 findo hyperca mmg1 a12098718 963230432 wwdaddf sakura-lby zhongyinglou xzplink ychange66 liever18 ceris3s coolboy43 bryanyangzl joejiong realdbcooper kilomaster rainerhu jionyeahgithub gamblingmaster2020 asphalt415

source-and-fuzzing's Issues

太厉害了😭

看完了您的所有项目,简直五体投地🙇🏻‍♀️
我之前也有用ai写自动化代码审计的想法但是还是放弃了😭
您已经离开安全行业了嘛?太可惜了😥

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.