A Retrospective on Our First Fuzzing Workshop
A retrospective on our first fuzzing conference workshop and how we'll improve next time.
More issues
Don't Delete grub2
Don't uninstall grub2 without ensuring a newer version will be installed.
BSides Charm 2023
Our training was accepted at BSides Charm 2023. See you there!
Hardware-Assisted AddressSanitization
Reducing ASAN memory usage by utilizing Top-Byte Ignore (TBI) on ARM64 hardware. Also, some 24-bit Apple Macintosh history.
AddressSanitization and Why You Should Use It
A quick guide on using AddressSanitization to find memory corruptions bugs at run-time.
How Learning Ruby Helped Me Understand Swift
I have a confession to make. Until recently, closure syntax confused me to no end. Specifically, I’m talking about Swift closures, but it also applies to other languages. I read Swift’s language specification, Paul Hudson’s guide on closures, and Stack Overflow posts. I even found this appropriately
The Problem with Open Source Software Security
Reporting vulnerabilities in open-source software is a nightmare. How can we make it better?
💎 The Ruby Association Certified Ruby Programmer Silver Exam
I wasted $150 to prove I kinda learned Ruby. And you can too!
Finding CVE-2022-3786 (openssl) with Mayhem
What is the bug?
Disclaimer, I didn’t discover the bug. I’m just here after the fact, showing how fuzzers can detect and prevent memory corruption issues like these. CVE-2022-3786 affected openssl versions 3.0.0 up to and including 3.0.6. This bug affected both clients and
Stop Using Single-Letter Command Line Options
Single-letter command line options are inferior for documentation. Stop using them if you're doing anything that anyone else relies on.