Event-based Fuzzing, Patch-based Research, and Comment Police: Finding Bugs Through a Bug

Learning from known vulnerabilities is a must for every security researcher, and subscribing to the major vendors' monthly public bulletins and security patch updates is the first thing security researchers do at the beginning of each month.The value of an enlightening security vulnerability is not only to reveal significant attack surfaces and exploit scenarios but also to inspire deeper digging as an important input to bug hunting. From a period of work on security vulnerability analysis and tracking, we have …

analysis attack bug bug hunting bugs event exploit fuzzing hunting important input known vulnerabilities major patch period police public research researcher researchers security security patch security researcher security researchers security vulnerability tracking updates value vendors vulnerabilities vulnerability vulnerability analysis work