Communications of the ACM

Safe Coding

Safe coding is a collection of software design practices and patterns that allow for cost-effectively achieving a high degree ...
Security Boulevard

Operational Technology (OT) penetration testing: Defining, Process and Tools

Operational penetration testing is a process of simulating real-world attacks on OT systems to identify vulnerabilities before cybercriminals can exploit them, either physically or remotely. OT ...
IEEE

FA-Fuzz: A Novel Scheduling Scheme Using Firefly Algorithm for Mutation-Based Fuzzing

Abstract: Mutation-based fuzzing has been widely used in both academia and industry. Recently, researchers observe that the mutation scheduling scheme affects the efficiency of fuzzing. Accordingly, ...
IEEE

TransferFuzz: Fuzzing with Historical Trace for Verifying Propagated Vulnerability Code

Abstract: Code reuse in software development frequently facilitates the spread of vulnerabilities, making the scope of affected software in CVE reports imprecise. Traditional methods primarily focus ...
GitHub

Afuzz - An automated web path fuzzing tool

Some examples for how to use Afuzz - those are the most common arguments. If you need all, just use the -h argument. afuzz -e php,html,js,json -u https://target afuzz -e php,html,js -u https://target ...
GitHub

Lightweight fuzzing of a memory snapshot using KVM

Snapchange provides the ability to load a raw memory dump and register state into a KVM virtual machine (VM) for execution. At a point in execution, this VM can be reset to its initial state by ...