))
How Fuzzing Barcodes Raises the Bar for Secure Code - Artur Cygan - ASW #336
Manage episode 490539583 series 2794676
Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Fuzzing has been one of the most successful ways to improve software quality. And it demonstrates how improving software quality improves security. Artur Cygan shares his experience in building and applying fuzzers to barcode scanners, smart contracts, and just about any code you can imagine. We go through the useful relationship between unit tests and fuzzing coverage, nudging fuzzers into deeper code paths, and how LLMs can help guide a fuzzer into using better inputs for its testing.
Resources
- https://blog.trailofbits.com/2024/10/31/fuzzing-between-the-lines-in-popular-barcode-software/
- https://github.com/crytic/echidna
- https://github.com/crytic/medusa
- https://lcamtuf.blogspot.com/2014/11/pulling-jpegs-out-of-thin-air.html
Show Notes: https://securityweekly.com/asw-336
668 episodes
Share
