all InfoSec news
Snapshot fuzzing direct composition with WTF
Oct. 17, 2023, 1:25 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
- Cisco Talos has developed a custom fuzzer using the popular snapshot fuzzer “WTF” which targets Direct Composition in Windows.
- Talos’ vulnerability research team used Protocol Buffers developed by Google to serialize and deserialize test cases.
- The Bochscpu backend of WTF was patched and other tricks were used to make snapshot fuzzing work correctly
- We hope that the release of our snapshot fuzzing implementation details will give new snapshot fuzzing ideas to the readers making direct composition more secure.
Direct Composition …
backend cases cisco cisco talos fuzzer fuzzing google popular protocol research snapshot talos team test vulnerability vulnerability research vulnerability research team windows work
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)
@ IREX | Ramallah, West Bank, Palestinian National Authority
Consultant(e) Junior Cybersécurité
@ Sia Partners | Paris, France
Senior Network Security Engineer
@ NielsenIQ | Mexico City, Mexico
Senior Consultant, Payment Intelligence
@ Visa | Washington, DC, United States
Corporate Counsel, Compliance
@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
Security Operations Engineer
@ Samsara | Remote - US