all InfoSec news
How we applied advanced fuzzing techniques to cURL
Malware Analysis, News and Indicators - Latest topics malware.news
By Shaun Mirani
Near the end of 2022, Trail of Bits was hired by the Open Source Technology Improvement Fund (OSTIF) to perform a security assessment of the cURL file transfer command-line utility and its library, libcurl. The scope of our engagement included a code review, a threat model, and the subject of this blog post: an engineering effort to analyze and improve cURL’s fuzzing code.
We’ll discuss several elements of this process, including how we identified important areas …
advanced assessment bits code code review command curl end engagement file file transfer fund fuzzing improvement libcurl library near open source open source technology ostif review scope security security assessment techniques technology threat threat model trail of bits transfer utility