Category: Fuzzing

This blog post presents our fuzzer for the Bluetooth Low Energy GATT layer and the related vulnerabilities found with it.

In this blog post we present PASTIS, a Python framework for ensemble fuzzing, developed at Quarkslab.

How to perform snapshot-based coverage-guided fuzzing on Windows kernel components using Rewind, a tool we have just published on Github.

We recently begun to search bugs in USB host stacks using one of our tool based on the Facedancer. This article first presents our fuzzing approach followed by a practical example of a bug in Windows 8.1 x64 full-updated. The goal of this article is not to redefine state-of-the-art USB fuzzing, nor to give a full description of our fuzzing architecture, but rather to narrate a scenario which starts from fuzzing and ends up with a bug report.