Introduction to modern memory management 文章介绍了现代计算机中易失性内存的运作机制，包括缓存层次结构、内存管理单元（MMU）、虚拟地址与物理地址的转换、分段与分页技术等核心概念，并强调了虚拟内存的优势及其对程序运行的支持。... 2025-3-3 16:24:39 | 阅读: 5 | 收藏 | Fuzzing Labs - fuzzinglabs.com memory mmu dma translation paging

Ph0wn2024 Writeup – Race Roller​ Application reversing 这篇文章介绍了Ph0wn 2024 CTF中的一个Android挑战“Race Roller”，目标是通过让所有车辆变为绿色来获取flag。作者详细描述了三种解决方案：通过修改随机函数的二进制补丁、使用Frida动态修改函数返回值以及重新实现Companion类来直接调用解密方法。... 2025-2-27 15:22:54 | 阅读: 6 | 收藏 | Fuzzing Labs - fuzzinglabs.com apk companion raceroller cars kotlin

Attacking Reasoning models​ 文章探讨了基于Chain of Thought (CoT) 推理的语言模型在面对逻辑悖论、特殊令牌操控和伪造推理链等攻击时的安全风险。这些攻击可能导致模型陷入无限循环、输出错误结论或泄露信息。文章还介绍了Claude 3.7 Sonnet等模型的防御机制，并建议加强安全研究以应对这些威胁。... 2025-2-25 10:4:3 | 阅读: 5 | 收藏 | Fuzzing Labs - fuzzinglabs.com reasoning cot llms deepseek llm

BGP Under Pressure : Protocol Fuzzing in action 文章探讨了BGP协议在互联网中的核心作用及其潜在漏洞。通过协议模糊测试技术，作者发现Holo BGP库中的两个关键问题：消息解码缺少验证和处理UPDATE消息时的逻辑错误。这些问题可能导致DoS攻击，影响网络稳定性。... 2025-2-21 13:56:54 | 阅读: 7 | 收藏 | Fuzzing Labs - fuzzinglabs.com library security network holo nlri

How Fuzzing Could Have Prevented the zkLend Hack​ zkLend近期遭遇的安全漏洞引发了广泛关注。FuzzingLabs通过模糊测试技术深入分析发现，该漏洞源于safe_decimal_math库中的除法函数在处理市场存款逻辑时出现异常。简单来说，当金额被除以一个累加器时，结果可能意外变大。通过创建一个简单的模糊测试框架，并使用cairo-native-fuzzer工具，在短短1秒内就复现了这一问题。此次事件凸显了模糊测试在智能合约安全中的重要性，并强调了维护严格不变量和加强代码审查的必要性。... 2025-2-17 13:13:54 | 阅读: 10 | 收藏 | Fuzzing Labs - fuzzinglabs.com scaled zklend security sierra accumulator

Recon 2025 – Reversing Modern Binaries: Practical Rust & Go Analysis On-site Training 这篇文章介绍了ReCon 2025的一场为期4天的培训课程——“Reversing Modern Binaries: Practical Rust & Go Analysis Training”。该课程由Daniel Frederic和Mathieu Hoste主讲，旨在教授参与者如何分析Rust和Golang编写的二进制文件、应对混淆技术以及逆向工程恶意软件。课程内容涵盖基础到高级技术，并结合实际案例进行实践操作。费用为$5500（早鸟价）至$6000。... 2025-2-13 14:54:17 | 阅读: 36 | 收藏 | Fuzzing Labs - fuzzinglabs.com reverse reversing analysis security fuzzinglabs

Recon 2025 – Fuzzing Windows Userland Applications On-site Training 这篇文章介绍了ReCon 2025举办的Windows应用程序模糊测试培训课程。该课程由FuzzingLabs的专家主讲，涵盖基础概念、高级技术（如语法模糊和符号执行）及实际应用（如浏览器和杀毒软件）。课程分为四天模块，费用为5500-6000美元。... 2025-2-13 14:29:48 | 阅读: 13 | 收藏 | Fuzzing Labs - fuzzinglabs.com windows security software analysis

Recon 2025 – Rust Development for Cybersecurity On-site Training 这篇文章介绍了FuzzingLabs提供的Rust网络安全培训课程。课程由Matthieu Christophe和Tanguy Duhamel主讲，旨在通过Rust语言教授防御性和进攻性安全工具的开发。课程内容涵盖内存安全、网络、OSINT和取证分析等主题，并分为四天进行实践教学。适合对Rust感兴趣的新手参与。... 2025-2-13 13:52:55 | 阅读: 15 | 收藏 | Fuzzing Labs - fuzzinglabs.com security memory network matthieu

Story Security Assessment Completed Strengthening Blockchain-Based IP ManagementAt FuzzingLabs we recently completed a comprehensive sec... 2025-1-28 21:37:46 | 阅读: 10 | 收藏 | Fuzzing Labs - fuzzinglabs.com security blockchain network

Story Protocol Security Assessment Completed Strengthening Blockchain-Based IP ManagementAt FuzzingLabs we recently completed a comprehensive sec... 2025-1-28 21:37:46 | 阅读: 10 | 收藏 | Fuzzing Labs - fuzzinglabs.com security blockchain network

DOS in DeFi Liquidity Pools: The Initialization Vulnerability The Initialization VulnerabilityDecentralized Exchanges (DEXs) have become a cornerstone of the DeFi... 2025-1-27 23:10:37 | 阅读: 19 | 收藏 | Fuzzing Labs - fuzzinglabs.com pools malicious raydium security

OffensiveCon 2025 – Practical Browser Fuzzing On-site Training Practical Web Browser Fuzzing TrainingKickstart your journey into the intricate world of web browser... 2025-1-23 08:43:10 | 阅读: 15 | 收藏 | Fuzzing Labs - fuzzinglabs.com compilers security patrick webassembly rendering

Breaking Down the Baseband​ : Shannon in a nutshell Over the past 30 years, technology has revolutionized communications. Mobile phones, now owned by ab... 2025-1-9 13:3:22 | 阅读: 30 | 收藏 | Fuzzing Labs - fuzzinglabs.com firmwire firmware shannon modkit loader

POST TEMPLATE – Duplicate – [#5964] Casting reverse challenge into cryptanalysis challengeIn mid-November, I participated in the GreHack... 2024-12-16 14:40:51 | 阅读: 7 | 收藏 | Fuzzing Labs - fuzzinglabs.com coeffs 00400706 finite deduce

Sponge Trouble: When Poseidon Gets Absorbed in Its Own Bugs Avoiding Cryptographic Failures in HashingWe found two subtle yet impactful bugs in the ArkWorks lib... 2024-12-12 19:14:37 | 阅读: 7 | 收藏 | Fuzzing Labs - fuzzinglabs.com squeeze absorb poseidon sponge

Uncovering a Subtle Bug in EVM Arithmetic: The Case of Negating Zero The Case of Negating ZeroOur team at FuzzingLabs has been auditing the Ethereum Virtual Machine (EVM... 2024-12-3 23:57:21 | 阅读: 5 | 收藏 | Fuzzing Labs - fuzzinglabs.com divisor dividend negate quotient sdiv

Top Vulnerabilities in Cairo Smart Contracts: Detection and Remediation What is Cairo ?In 2021, StarkWare introduced Cairo, a programming language designed for creating pro... 2024-11-26 20:55:55 | 阅读: 12 | 收藏 | Fuzzing Labs - fuzzinglabs.com cairo felt starknet l2

Revival Attacks on Solana Programs Explained Solana Vulnerability ExplainedAs the blockchain world expands, Solana has stepped into the spotlight... 2024-11-19 23:20:12 | 阅读: 8 | 收藏 | Fuzzing Labs - fuzzinglabs.com solana lamports security revival blockchain

Uncovering an Out of Memory Vulnerability in Gnark: How We Discovered CVE-2024-50354 How We Discovered CVE-2024-50354Last month (october 2024), LambdaClass and Fuzzinglabs teams discove... 2024-11-14 23:37:58 | 阅读: 17 | 收藏 | Fuzzing Labs - fuzzinglabs.com gnark memory verifying prover zkp

Aligned Layer Security Assessment Completed In-Depth Audit of Aligned Layer’s Smart Contracts and Batch ProcessingAt FuzzingLabs, we recently co... 2024-10-3 17:57:25 | 阅读: 12 | 收藏 | Fuzzing Labs - fuzzinglabs.com aligned security proofs blockchain