Nov 14, 2016 — I was assigned CVE-2016-9297 today for a read outside of buffer flaw that I found in libtiff. This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data, and is found in web browsers ...
Nov 12, 2016 — I was assigned CVE-2016-9273 today for a buffer over read flaw that I found in libtiff. This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data, and is found in web browsers and ...
Sep 20, 2016 — This flaw was NOT found with American Fuzzy Lop, but it was found with a tool by the same author, called cross_fuzz. This marks my 8th CVE assignment since I started fuzzing software. This flaw affects multiple versions of ...
Sep 19, 2016 — After lolzing over this i'm a researcher, not a writer comment, I decided to come write a quick post. I've always been a writer. I've got shitty poetry published in shitty anthologies that nobody but their mother has ever ...
Sep 05, 2016 — During my 48 hours of fuzzing Perl for this blog post, I discovered multiple flaws which could have had security implications (buffer overflows, use after free, etc). Some of them ended up having zero security implications, while ...
Sep 04, 2016 — My contributions to the Perl programming language were quickly mentioned/highlighted during Day 2 of YAPC::EU 2016 in this video.
Aug 23, 2016 — Hello everyone, I'm thankful for all of the great feedback and questions that have come up as a result of Fuzzing Perl blog post. I may even be appearing at YAPC::NA next year to talk about my Perl fuzzing exploits. More on that ...
Aug 21, 2016 — tl;dr Over the course of 48 hours, AFLFast found 6 unique flaws in Perl, while AFL 2.32b found 4, all of which AFLFast failed to find. Abstract Today I'm going to talk about my experiences fuzzing Perl over the course of 48 ...
Aug 21, 2016 — Today is the day I start writing again.
