unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Differential fuzz testing upgradeable smart contracts with Diffusc
By William E Bodell III (@WEBthe3rd)On March 28, 2023, SafeMoon, a self-styled “...
2023-7-5 19:0:33 | 阅读: 36 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
diffusc
proxy
ctoken
comp
hevm
Trail of Bits’s Response to NTIA AI Accountability RFC
By Heidy Khlaaf and Artem DinaburgThe National Telecommunications and Informatio...
2023-6-16 20:0:10 | 阅读: 12 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
software
claims
assessments
regulatory
Finding bugs in C code with Multi-Level IR and VAST
Intermediate languages (IRs) are what reverse engineers and vulnerability researc...
2023-6-15 19:0:10 | 阅读: 15 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
vast
hl
mlir
sequoia
checker
Trusted publishing: a new benchmark for packaging security
Read the official announcement on the PyPI blog as well!For the past year, we’ve...
2023-5-23 19:0:20 | 阅读: 20 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
pypi
publishing
oidc
github
security
Real World Crypto 2023 Recap
Last month, hundreds of cryptographers descended upon Tokyo for the first Real Wo...
2023-5-16 21:54:43 | 阅读: 18 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
pqc
primitives
rwc
security
slides
Introducing Windows Notification Facility’s (WNF) Code Integrity
By Yarden Shafir, Senior Security EngineerWNF (Windows Notification Facility) is...
2023-5-15 19:0:45 | 阅读: 19 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
wnf
signals
windows
security
Loose code, sinks nodes: What should governments consider when getting involved with blockchain?
Last September, Principal Security Engineer Dr. Evan Sultanik was on a panel host...
2023-4-25 19:0:57 | 阅读: 12 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
blockchain
web3
security
development
blockchains
Typos that omit security features and how to test for them
By Dominik ‘disconnect3d’ CzarnotaDuring a security audit, I discovered an easy-...
2023-4-20 19:0:8 | 阅读: 24 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
checksec
typo
security
chk
A Winter’s Tale: Improving messages and types in GDB’s Python API
By Matheus Branco Borella, University of São PauloAs a winter associate at Trail...
2023-4-18 19:0:43 | 阅读: 18 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
objfile
python
loader
obstack
memory
How to avoid the aCropalypse
By Henrik Brodin, Lead Security Engineer, ResearchThe aCropalypse is upon us!La...
2023-3-30 20:0:22 | 阅读: 15 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
polytracker
re3eot
spots
acropalypse
cropped
Can you pass The Rekt Test?
Audits from Trail of Bits give organizations ways to fix their current issues and...
2023-3-22 19:30:59 | 阅读: 24 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
security
blockchain
posture
funds
hardware
Codex (and GPT-4) can’t beat humans on smart contract audits
By Artem Dinaburg, Chief Technology Officer; Josselin Feist, Principal Engineer;...
2023-3-22 19:0:49 | 阅读: 14 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
codex
toucan
analysis
tooling
ownership
Circomspect has more passes!
By Fredrik Dahlgren, Principal Security EngineerTL;DR: We have released version...
2023-3-21 20:0:24 | 阅读: 13 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
lessthan
signals
num2bits
circomspect
constrain
We need a new way to measure AI security
Tl;dr: Trail of Bits has launched a practice focused on machine learning and arti...
2023-3-14 20:0:47 | 阅读: 9 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
security
machine
assurance
trail
adapted
Reusable properties for Ethereum contracts
As smart contract security constantly evolves, property-based fuzzing has become...
2023-2-27 21:0:54 | 阅读: 18 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
echidna
erc20
crytic
security
mint
Escaping well-configured VSCode extensions (for profit)
By Vasco FrancoIn part one of this two-part series, we escaped Webviews in real-...
2023-2-23 21:0:42 | 阅读: 24 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
vscode
microsoft
postmessage
Escaping misconfigured VSCode extensions
TL;DR: This two-part blog series will cover how I found and disclosed three vulne...
2023-2-21 21:0:50 | 阅读: 23 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
vscode
attacker
sarif
webviews
subdomain
Readline crime: exploiting a SUID logic bug
By roddux // Rory MI discovered a logic bug in the readline dependency partiall...
2023-2-16 21:0:0 | 阅读: 25 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
readline
chfn
rl
getenv
inputrc
cURL audit: How a joke led to significant findings
By Maciej DomanskiIn fall 2022, Trail of Bits audited cURL, a widely-used comman...
2023-2-14 21:0:14 | 阅读: 19 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
memory
fuzzer
proxy
aflplusplus
specifies
Harnessing the eBPF Verifier
By Laura BaumanDuring my internship at Trail of Bits, I prototyped a harness tha...
2023-1-19 21:0:42 | 阅读: 21 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
ebpf
verifier
harness
libbpf
bounded
Previous
5
6
7
8
9
10
11
12
Next