EuroLLVM 2024 trip report By Marek Surovič and Henrich LaukoEuroLLVM is a developer meeting focused on pro... 2024-6-21 21:0:22 | 阅读: 19 | 收藏 | Trail of Bits Blog - blog.trailofbits.com mlir analysis machine security regions

Themes from Real World Crypto 2024 In March, Trail of Bits engineers traveled to the vibrant (and only slightly chil... 2024-6-18 21:0:27 | 阅读: 16 | 收藏 | Trail of Bits Blog - blog.trailofbits.com pqc encryption fhe e2ee

Finding mispriced opcodes with fuzzing By Max AmmannFuzzing—a testing technique that tries to find bugs by repeatedly e... 2024-6-17 21:0:43 | 阅读: 18 | 收藏 | Trail of Bits Blog - blog.trailofbits.com fuel corpus fuzzer harness libafl

Understanding Apple’s on-device and server foundations model release By Artem DinaburgEarlier this week, at Apple’s WWDC, we finally witnessed Apple’... 2024-6-15 04:49:37 | 阅读: 15 | 收藏 | Trail of Bits Blog - blog.trailofbits.com adapters vocabulary adapter inference

PCC: Bold step forward, not without flaws By Adelin TraversEarlier this week, Apple announced Private Cloud Compute (or PC... 2024-6-15 03:46:48 | 阅读: 16 | 收藏 | Trail of Bits Blog - blog.trailofbits.com pcc security cloud hardware encryption

Announcing the Burp Suite Professional chapter in the Testing Handbook By Maciej DomanskiBased on our security auditing experience, we’ve found that Bu... 2024-6-14 21:0:23 | 阅读: 14 | 收藏 | Trail of Bits Blog - blog.trailofbits.com burp security chapter trail

Exploiting ML models with pickle file attacks: Part 2 By Boyan MilanovIn part 1, we introduced Sleepy Pickle, an attack that uses mali... 2024-6-11 23:0:17 | 阅读: 21 | 收藏 | Trail of Bits Blog - blog.trailofbits.com pickle payload malicious python bytecode

Exploiting ML models with pickle file attacks: Part 1 By Boyan MilanovWe’ve developed a new hybrid machine learning (ML) model exploit... 2024-6-11 21:0:36 | 阅读: 20 | 收藏 | Trail of Bits Blog - blog.trailofbits.com pickle malicious sleepy payload attacker

Announcing AI/ML safety and security trainings By Michael D. BrownWe are offering AI/ML safety and security training in summer... 2024-6-7 21:0:41 | 阅读: 15 | 收藏 | Trail of Bits Blog - blog.trailofbits.com security surfaces equip stacks

Understanding AddressSanitizer: Better memory safety for your code By Dominik Klemba and Dominik CzarnotaThis post will guide you through using Add... 2024-5-16 21:0:57 | 阅读: 17 | 收藏 | Trail of Bits Blog - blog.trailofbits.com memory asan shadow poisoned granule

A peek into build provenance for Homebrew By Joe Sweeney and William WoodruffLast November, we announced our collaboration... 2024-5-14 21:0:5 | 阅读: 13 | 收藏 | Trail of Bits Blog - blog.trailofbits.com homebrew provenance brew bottle github

Using benchmarks to speed up Echidna By Ben SiraphobDuring my time as a Trail of Bits associate last summer, I worked... 2024-5-8 21:30:7 | 阅读: 13 | 收藏 | Trail of Bits Blog - blog.trailofbits.com memory echidna hevm profiling evm

The life and times of an Abstract Syntax Tree By Francesco BertolacciniYou’ve reached computer programming nirvana. Your journ... 2024-5-2 21:0:6 | 阅读: 16 | 收藏 | Trail of Bits Blog - blog.trailofbits.com memory rhs lhs binexpr intconstant

Curvance: Invariants unleashed By Nat ChinWelcome to our deep dive into the world of invariant development with... 2024-4-30 21:30:43 | 阅读: 16 | 收藏 | Trail of Bits Blog - blog.trailofbits.com curvance echidna invariants corpus codebase

Announcing two new LMS libraries By Will SongThe Trail of Bits cryptography team is pleased to announce the open-... 2024-4-26 21:0:32 | 阅读: 15 | 收藏 | Trail of Bits Blog - blog.trailofbits.com lms schemes stateful security

5 reasons to strive for better disclosure processes By Max AmmannThis blog showcases five examples of real-world vulnerabilities tha... 2024-4-15 21:0:53 | 阅读: 11 | 收藏 | Trail of Bits Blog - blog.trailofbits.com github security library vec mmkv

Introducing Ruzzy, a coverage-guided Ruby fuzzer By Matt SchwagerTrail of Bits is excited to introduce Ruzzy, a coverage-guided f... 2024-3-29 21:30:44 | 阅读: 24 | 收藏 | Trail of Bits Blog - blog.trailofbits.com ruzzy harness libfuzzer tracer gems

Why fuzzing over formal verification? By Tarun Bansal, Gustavo Grieco, and Josselin FeistWe recently introduced our ne... 2024-3-22 21:0:28 | 阅读: 14 | 收藏 | Trail of Bits Blog - blog.trailofbits.com formal invariant asset echidna invariants

Streamline your static analysis triage with SARIF Explorer By Vasco FrancoToday, we’re releasing SARIF Explorer, the VSCode extension that... 2024-3-20 21:30:45 | 阅读: 18 | 收藏 | Trail of Bits Blog - blog.trailofbits.com sarif weaudit vscode github classify

Read code like a pro with our weAudit VSCode extension By Filipe CasalToday, we’re releasing weAudit, the collaborative code-reviewing... 2024-3-19 21:30:0 | 阅读: 15 | 收藏 | Trail of Bits Blog - blog.trailofbits.com weaudit vscode codebase bookmarks github