all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How we applied advanced fuzzing techniques to cURL

Add to bookmarks
March 1, 2024, 2:30 p.m. | Trail of Bits

Trail of Bits Blog blog.trailofbits.com

By Shaun Mirani Near the end of 2022, Trail of Bits was hired by the Open Source Technology Improvement Fund (OSTIF) to perform a security assessment of the cURL file transfer command-line utility and its library, libcurl. The scope of our engagement included a code review, a threat model, and the subject of this blog […]

advanced application security assessment bits code code review command curl end engagement file file transfer fund fuzzing improvement libcurl library near open source open source technology ostif review scope security security assessment techniques technology threat threat model trail of bits transfer utility

Visit resource

More from blog.trailofbits.com / Trail of Bits Blog

Announcing two new LMS libraries 1 day ago | blog.trailofbits.com
algorithm bits cryptography digital +17
5 reasons to strive for better disclosure processes 1 week, 5 days ago | blog.trailofbits.com
blog bugs disclosure examples +6
Introducing Ruzzy, a coverage-guided Ruby fuzzer 4 weeks, 1 day ago | blog.trailofbits.com
application security bits bugs code +16
Why fuzzing over formal verification? 1 month ago | blog.trailofbits.com
audits blockchain development fuzzing +3
Streamline your static analysis triage with SARIF Explorer 1 month, 1 week ago | blog.trailofbits.com
analysis audits explorer extension +8
Read code like a pro with our weAudit VSCode extension 1 month, 1 week ago | blog.trailofbits.com
audits bugs code codebase +12
Releasing the Attacknet: A new tool for finding bugs in blockchain nodes using chaos testing 1 month, 1 week ago | blog.trailofbits.com
addresses bits blockchain bugs +17
Secure your blockchain project from the start 1 month, 2 weeks ago | blog.trailofbits.com
architectures blockchain can design +16
DARPA awards $1 million to Trail of Bits for AI Cyber Challenge 1 month, 2 weeks ago | blog.trailofbits.com
ai cyber challenge aixcc award awards +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Open-Source Intelligence (OSINT) Policy Analyst (TS/SCI)

@ WWC Global | Reston, Virginia, United States
View on infosec-jobs.com

Security Architect (DevSecOps)

@ EUROPEAN DYNAMICS | Brussels, Brussels, Belgium
View on infosec-jobs.com

Infrastructure Security Architect

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Contract Penetration Tester

@ Evolve Security | United States - Remote
View on infosec-jobs.com

Senior Penetration Tester

@ DigitalOcean | Canada
View on infosec-jobs.com
View more jobs