Fuzzit Blog

Fuzzing that matters.

Discovery and Analysis of 2 DoS vulnerabilities in Autodesk FBX (1 unpatched)

Introduction In this blogpost we will discuss the discovery and analysis of 2 DoS CVEs in AutoDesk FBX. AutoDesk FBX is a cross-platform closed source SDK of AutoDesk which allows vendors to transfer existing content into the FBX format. The … Read More

Featured Post
cargo-fuzz

How to Fuzz Rust Code with Cargo-Fuzz (Continuously)

What is fuzzing? Fuzzing or fuzz testing is an automated software technique that involves providing semi-random data as input to the test program in order to uncover bugs and crashes. In this short tutorial we will discuss cargo-fuzz. Why fuzz … Read More

Featured Post

GolangNYC: Continuous Go Fuzzing Video + Slides

Hey, It’s Yevgeny Pats here. I’ve had great time at Golang NYC September Meetup Special thanks to the organisers (Mofi rahman) , Dmitri Shuralyov from Go Team who also gave a very interesting talk and to Plated who hosted us. … Read More

Featured Post

How to Fuzz Go Code with go-fuzz (Continuously)

What is fuzzing? Fuzzing or fuzz testing is an automated software technique that involves providing semi-random data as input to the test program in order to uncover bugs and crashes. Why fuzz Go Code? Golang is a safe language and … Read More

Featured Post
soviet

Announcing Rewards for Go/Rust OSS Projects

EDIT: after more then 20 projects integrated with our awesome reward winners https://github.com/fuzzitdev/fuzzit#oss-projects-using-fuzzit. Our reward program is currently on pause but we still offer free plan for OSS projects so ping us: oss [at] fuzzit.dev Dear community! Thanks for your … Read More

Featured Post

Why Continuous Go Fuzzing?

In this post we will focus on why continuous go fuzzing is needed and what are the challenges in implementing continuous fuzzing. Previous posts/papers regarding why go fuzzing in general is important as well as why it’s a good idea … Read More

Featured Post

Discovering CVE-2019-13504, CVE-2019-13503 and the importance of API Fuzzing

Introduction In this post we will go through how we discovered CVE-2019-13504 in exiv2 and CVE-2019-13503 in mongoose, two relatively widely used oss project. Exiv2 is a set of “c++ metadata library and tools…used by many projects including in KDE, … Read More

Featured Post

Continuous Fuzzing systemd – Case Study

In this blog post we will walk through how systemd integrated continuous fuzzing using the Fuzzit platform. Even though it was done with the Fuzzit platform we will talk about general design decisions and approaches in the process of setting … Read More

Featured Post
We are your fuzzers

Throwing 160 CPUs at 1 Year Fuzzing Target

In this blog post we will walk through how throwing 160 distributed CPUs at a fuzzing target that takes initially one year of CPU time can shorten the fuzzing time substantially. Also we will share test-cases where throwing more CPUs … Read More

Featured Post

Fuzzit is looking for alpha users!

We’re excited to announce our first closed alpha version, which we hope to quickly expand to a public beta. We’d love for you to try our platform and provide your feedback. Fuzzing is one of the most effective tools for … Read More

Featured Post