Papers
debug
- https://eli.thegreenplace.net/2011/01/23/how-debuggers-work-part-1
- https://www.cnblogs.com/mysky007/p/11047943.html
Fuzzing Like A Caveman series
- https://h0mbre.github.io/Fuzzing-Like-A-Caveman/
- https://h0mbre.github.io/Fuzzing-Like-a-Caveman-2/ : fuzzer optimisation, profiling with cProfile and strace, porting the fuzzer from Python to C
- https://h0mbre.github.io/Fuzzing-Like-A-Caveman-3/ : code instrumentation, snapshot fuzzing (ptrace)
- https://h0mbre.github.io/Fuzzing-Like-A-Caveman-4/ : basic fuzzing definitions, how AFL works (coarse-grained), code-coverage approaches (tracking basic blocks, tracking edges and paths), Compare Shattering (splitting cmp comparisons into byte/bit-level comparisons for finer granularity)
LibFuzzer
Anquanke series
- https://www.anquanke.com/post/id/224823
Boofuzz
- http://www.nvhacker.com/2021/08/04/boofuzz协议漏洞挖掘入门教程与使用心得/
AFL
Related projects
- https://zanderchang.github.io/2019/04/29/AFL及其相关拓展项目总结/
Qemu
- https://tunnelshade.in/blog/afl-internals-qemu-instrumentation/
- https://abiondo.me/2018/09/21/improving-afl-qemu-mode/
LLVM
- https://lafintel.wordpress.com/
binary-only fuzz
0xCC instrumentation
- https://googleprojectzero.blogspot.com/2020/04/fuzzing-imageio.html
IoT fuzz
- https://breaking-bits.gitbook.io/breaking-bits/vulnerability-discovery/reverse-engineering/modern-approaches-toward-embedded-research