Ada Logics Blob A RSS feed containing all blog posts from the Ada Logics blog. en-us The importance of continuity in fuzzing - CVE-2020-28362 In this blogpost we highlight the importance of continuity in fuzzing based on a recent experience with a security critical DoS issue in Go-Ethereum, CVE-2020-28362. /blog/the-importance-of-continuity-in-fuzzing-cve-2020-28362" Ada Logics Blog Securing Open Source: Fuzzing integration, vulnerability analysis and bug fixing of Fluent Bit Fluent Bit is an open source log processor and part of the Cloud Native Computing Foundation. This fall the Linux Foundation partnered with Ada Logics to integrate automated vulnerability analysis of the Fluent Bit project. Ada Logics integreated sixteen fuzzers into Fluent Bit, found more than 30 bugs, fixed many of them and also integrated continuous fuzzing into the project. This post covers the project and the results of the engagement. /blog/fluent-bit-fuzzing" Ada Logics Blog Getting started with go-fuzz In this article we will get started with go-fuzz, which is a popular open source fuzzing engine for Go applications. Fuzzing is currently gaining popularity due to its efficiency in finding bugs and vulnerabilities, and in this article you write your first fuzzer for a real-world program. /blog/getting-started-with-go-fuzz" Ada Logics Blog Symbolic execution with KLEE: From installation and introduction to bug-finding in open source software. In this post we present four videos that cover the KLEE tool. KLEE is a symbolic execution engine that can be used to automate test-case generation as well as be used to find bugs /blog/symbolic-execution-with-klee" Ada Logics Blog Comparison of the LLVM IR generated by three binary-to-llvm translators In this blog post we share some brief insights into the code produced three popular binary-to-llvm translators. We do so through an empirical comparison between the LLVM code created by the three different translators when matched with the same binary code samples. /blog/binary-to-llvm-comparison" Ada Logics Blog The state of advanced code injections In the last few years there has been a significant interest in code injection techniques from both attackers and defenders. These techniques enable the attacker to execute arbitrary code within the address space of some target process (which is why code injections are also called process injections often). The attacker uses code injections to improve stealth and evade anti-malware products, and sometimes even to achieve persistence. Attackers, both malware and red teamers, increasingly use these techniques to bypass anti-malware systems and endpoint protection systems in order to execute their payloads /blog/the-state-of-advanced-code-injections" Ada Logics Blog Building a custom malware sandbox with PANDA - Part 1 In the last decade there has been many improvements in fine-grained analysis techniques that focus on automating reverse engineering. The PANDA reverse engineering framework is particularly interesting in this context, as it is a mature framework that offers the foundation needed to develop fine-grained dynamic analysis tools, which has a large number of applications such as malware analysis, vulnerability discovery and root-cause analysis. In this blogpost series we will introduce the reader how to get started with the PANDA reverse engineering framework in order to create sophisticated dynamic program analysis tools. /blog/Building-a-custom-malware-sandbox-with-PANDA-Part-1" Ada Logics Blog