By Shaun Mirani Near the end of 2022, Trail of Bits was hired by the Open Source Technology Improvement Fund (OSTIF) to perform a security assessment of the cURL file transfer command-line utility and its library, libcurl. The scope of our engagement included a code review, a threat model, and the subject of this blog post: an engineering effort to analyze and improve cURL’s fuzzing code. We’ll di
タグ
- すべて
- まとめ (10)
- 3D (8)
- ADR (5)
- AI (75)
- AWS (235)
- Alexa (25)
- ApplePay (56)
- Arduino (3)
- Azure (11)
- BPF (103)
- Blender (25)
- C (49)
- CPU (6)
- CRE (4)
- CSRF (7)
- Ceph (9)
- DTM (6)
- DeNA (3)
- EMV (9)
- Excel (17)
- FeliCa (24)
- Font (12)
- FreeCodeCamp (3)
- GCE (3)
- GKE (8)
- Grafana (55)
- Graphviz (9)
- HTTP2 (131)
- HTTP3 (52)
- Haskell (9)
- IBM (23)
- IPA (7)
- IT (36)
- IaC (11)
- Infrastructure (344)
- Inkscape (5)
- Instagram (3)
- IoT (119)
- Istio (163)
- JSON (173)
- JWE (16)
- JWT (28)
- Jupyter (13)
- JupyterNotebook (113)
- Kafka (23)
- Kindle (18)
- Kubernetes (562)
- Kyash (44)
- LLVM (4)
- LXD (10)
- LaTeX (6)
- Loki (12)
- MQTT (17)
- MapReduce (3)
- NVIDIA (8)
- OAuth (47)
- OCR (9)
- OS (32)
- OSS (41)
- OpenCensus (3)
- OpenStack (8)
- PC (114)
- PCIDSS (8)
- PaaS (15)
- Pandas (37)
- PlantUML (39)
- PostgreSQL (10)
- QR (96)
- RFC (37)
- Raspberry Pi (703)
- RaspberryPi (23)
- Rook (3)
- SNS (4)
- SOA (3)
- SQLite (49)
- SRE (208)
- SVG (19)
- Slack (23)
- Swift (8)
- TCP (51)
- TED (4)
- TensorFlow (8)
- UE4 (7)
- UI (17)
- UX (9)
- VISA (51)
- VPC (4)
- VR (31)
- Vue.js (11)
- WSL (56)
- WebAssembly (431)
- WebAuthn (15)
- WebRTC (27)
- Wi-Fi (8)
- WiFi (14)
- Xcode (9)
- ZOZO (57)
- ZOZOTOWN (13)
- ZOZOsuits (5)
- adobe (14)
- agile (15)
- ajax (12)
- akka (5)
- algorithm (28)
- amazon (87)
- amp (3)
- anaconda (4)
- analytics (21)
- android (63)
- ansible (81)
- apache (16)
- api (519)
- apns (9)
- apple (157)
- ar (16)
- architecture (204)
- art (6)
- async (10)
- au (6)
- audio (11)
- authentication (91)
- availability (4)
- bash (50)
- batch (8)
- bigdata (3)
- bigquery (9)
- binaly (13)
- binary (21)
- bitcoin (8)
- blockchain (16)
- blog (7)
- bluemix (13)
- book (469)
- bot (12)
- browser (36)
- business (143)
- c++ (13)
- cache (7)
- cafe (3)
- calico (7)
- camera (28)
- career (11)
- cdn (16)
- centos (9)
- cf (5)
- chainer (3)
- chef (13)
- chrome (32)
- ci (54)
- cli (180)
- cloud (220)
- cloudflare (17)
- cloudfoundary (21)
- cloudfoundry (6)
- cncf (46)
- communication (4)
- community (6)
- consul (8)
- container (260)
- cookie (3)
- cookpad (13)
- cool (3)
- coreos (9)
- coursera (6)
- cpp (8)
- creditcard (116)
- cryptocurrency (3)
- css (21)
- csv (10)
- curl (40)
- cybozu (64)
- data (75)
- database (38)
- date (3)
- db (52)
- debug (47)
- deeplearning (18)
- deno (4)
- deploy (9)
- design (78)
- develop (8)
- developerWorks (5)
- development (346)
- devops (79)
- diagram (16)
- display (12)
- distributed (30)
- django (23)
- dmm (23)
- dns (42)
- docker (366)
- docomo (4)
- document (172)
- draw.io (10)
- dropbox (19)
- duckdb (30)
- e-learning (43)
- eBPF (240)
- ePub (7)
- ebook (31)
- ec (30)
- ec2 (7)
- eclipse (7)
- economy (4)
- editor (8)
- education (32)
- elastic (6)
- elasticsearch (19)
- embulk (10)
- encoding (12)
- encrypt (55)
- engineer (70)
- engineering (35)
- english (180)
- envoy (130)
- etcd (4)
- ethereum (4)
- event (4)
- evernote (10)
- fabric (6)
- facebook (17)
- fastapi (38)
- fastly (13)
- finance (27)
- fintech (55)
- firebase (10)
- firefox (13)
- flask (12)
- flickr (4)
- fluentd (24)
- food (3)
- framework (13)
- ftrace (4)
- gRPC (301)
- gVisor (4)
- gadget (256)
- gae (54)
- game (46)
- gas (4)
- gc (12)
- gcp (74)
- gdb (17)
- git (90)
- github (114)
- gitlab (49)
- gmail (6)
- gocon (19)
- golang (1345)
- google (418)
- google app engine (5)
- google home (4)
- googlewave (4)
- gpg (5)
- gradle (4)
- groovy (8)
- h2o (7)
- hadoop (33)
- hashicorp (19)
- hatena (9)
- hdmi (7)
- health (14)
- helm (9)
- heroku (14)
- html (22)
- html5 (27)
- http (184)
- https (39)
- hugo (7)
- iOS (115)
- iPad (38)
- icon (7)
- identity (14)
- image (29)
- iphone (50)
- ipython (6)
- iso8583 (3)
- jaeger (12)
- java (288)
- javascript (164)
- jazz (5)
- jenkins (10)
- job (19)
- jquery (3)
- js (15)
- jvm (34)
- k3s (6)
- k8s (506)
- keras (8)
- kernel (80)
- keyboard (3)
- kibana (4)
- kong (7)
- kvs (6)
- lambda (11)
- language (4)
- library (5)
- life (156)
- lifehack (26)
- line (124)
- linkerd (6)
- linux (845)
- loadbalance (4)
- loadbalancer (14)
- log (58)
- logging (143)
- lxc (14)
- m3 (9)
- mac (52)
- machinelearning (90)
- mackerel (11)
- make (7)
- management (10)
- markdown (78)
- mastercard (7)
- matplotlib (6)
- memory (11)
- mercari (64)
- merpay (9)
- metrics (60)
- microservice (9)
- microservices (103)
- microsoft (91)
- mkdocs (5)
- mobile (53)
- monitoring (84)
- mozilla (3)
- mruby (7)
- music (15)
- netflix (31)
- network (218)
- news (9)
- nfc (90)
- nginx (51)
- nodejs (37)
- nosql (9)
- observability (113)
- office (6)
- openapi (102)
- opencv (74)
- openid (21)
- openshift (7)
- openssl (10)
- opentelemetry (30)
- oracle (6)
- pandoc (4)
- pay.jp (3)
- payment (865)
- paypal (11)
- paypay (72)
- pdf (62)
- performance (373)
- perl (9)
- photo (4)
- pivotal (4)
- pixiv (10)
- podcast (26)
- podman (11)
- postman (6)
- programming (393)
- prometheus (54)
- protocol buffers (18)
- proxy (50)
- python (933)
- queue (7)
- quic (107)
- rakuten (5)
- rancher (5)
- redash (3)
- redis (11)
- redshift (3)
- reference (12)
- rest (59)
- rhel (15)
- robot (3)
- ruby (46)
- rust (249)
- saas (23)
- scala (19)
- scalability (12)
- scp (3)
- scrum (9)
- security (548)
- selenium (23)
- server (4)
- serverless (9)
- serverspec (9)
- servicemesh (31)
- shell (86)
- shopify (13)
- slide (8)
- social (6)
- softbank (5)
- softlayer (5)
- software (11)
- sphinx (23)
- spring (17)
- springboot (26)
- sql (33)
- square (12)
- ssh (122)
- ssl (10)
- statistics (13)
- strace (10)
- streaming (18)
- stripe (54)
- study (4)
- sudo (6)
- suica (22)
- svn (3)
- swagger (58)
- sysdig (6)
- systemd (17)
- tech (12)
- technology (99)
- terminal (34)
- terraform (20)
- test (10)
- testing (219)
- thread (10)
- tips (124)
- tls (111)
- tmux (6)
- token (7)
- tool (171)
- tools (43)
- trace (11)
- trello (4)
- trip (4)
- twilio (5)
- twitter (6)
- uber (3)
- ubuntu (67)
- uml (15)
- unicode (13)
- unity (78)
- unix (9)
- vault (15)
- vi (5)
- vim (72)
- virtualization (7)
- vmware (8)
- vscode (232)
- wacom (3)
- wasi (11)
- wasm (359)
- watson (5)
- web (161)
- websocket (22)
- webサービス (94)
- webデザイン (4)
- windows (126)
- work from home (23)
- wsgi (5)
- www (20)
- yahoo (57)
- youtube (21)
- zenn (3)
- zip (5)
- zoom (14)
- あとで読む (5210)
- いってみたい (58)
- お役立ち (5)
- まとめ (617)
- まとめサイト (4)
- クラウド (5)
- グルメ (27)
- サービス (4)
- システム開発 (4)
- ツール (11)
- パフォーマンス (4)
- ビジネス (6)
- プログラミング (7)
- リファレンス (6)
- 仕事 (4)
- 便利 (15)
- 勉強 (21)
- 動画 (5)
- 参考 (98)
- 後で確認 (28)
- 後で読む (23)
- 文字コード (8)
- 本 (8)
- 英語 (61)
- 英語学習 (21)
- 読み物 (7)
- 読書 (5)
- 資料 (4)
- 銀座 (5)
- 開発 (4)
- 食 (25)
- あとで読む (5210)
- golang (1345)
- python (933)
- payment (865)
- linux (845)
- Raspberry Pi (703)
- まとめ (617)
- Kubernetes (562)
- security (548)
- api (519)
Fuzzingに関するButterflyFishのブックマーク (1)
-
ButterflyFish 2024/03/02
- curl
- Fuzzing
リンク -
1
公式Twitter
- @HatenaBookmark
リリース、障害情報などのサービスのお知らせ
- @hatebu
最新の人気エントリーの配信
処理を実行中です
キーボードショートカット一覧
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
設定を変更しましたx