unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Evaluating Solidity support in AI coding assistants
By Artem DinaburgAI-enabled code assistants (like GitHub’s Copilot, Continue.dev...
2024-11-19 22:0:37 | 阅读: 0 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
solidity
deepseek
compchomper
evaluation
coder
Attestations: A new generation of signatures on PyPI
Read the official announcement on the PyPI blog as well!For the past year, we’v...
2024-11-14 22:0:15 | 阅读: 7 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
pypi
publishing
provenance
sigstore
Killing Filecoin nodes
By Simone MonicaIn January, we identified and reported a vulnerability in the Lo...
2024-11-13 19:0:12 | 阅读: 4 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
bls
blsincludes
msgs
tipsetidx
tipsets
Fuzzing between the lines in popular barcode software
By Artur CyganFuzzing—one of the most successful techniques for finding security...
2024-10-31 21:0:18 | 阅读: 2 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
zbar
nix
fuzzer
drv
memory
A deep dive into Linux’s new mseal syscall
By Alan CaoIf you love exploit mitigations, you may have heard of a new system c...
2024-10-25 21:0:18 | 阅读: 0 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
vma
mseal
memory
sealing
shellcode
Auditing Gradio 5, Hugging Face’s ML GUI framework
This is a joint post with the Hugging Face Gradio team; read their announcement h...
2024-10-11 00:0:29 | 阅读: 1 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
gradio
frp
security
attacker
tob
Securing the software supply chain with the SLSA framework
By Cliff SmithSoftware supply chain security has been a hot topic since the Sola...
2024-10-1 21:0:58 | 阅读: 1 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
provenance
slsa
software
artifact
security
A few notes on AWS Nitro Enclaves: Attack surface
By Paweł PłatekIn the race to secure cloud applications, AWS Nitro Enclaves have...
2024-9-24 21:0:36 | 阅读: 5 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
enclave
enclaves
clock
security
nitro
Announcing the Trail of Bits and Semgrep partnership
At Trail of Bits, we aim to share and develop tools and resources used in our sec...
2024-9-19 21:0:30 | 阅读: 3 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
semgrep
security
trail
handbook
broader
Inside DEF CON: Michael Brown on how AI/ML is revolutionizing cybersecurity
At DEF CON, Michael Brown, Principal Security Engineer at Trail of Bits, sat down...
2024-9-17 21:0:8 | 阅读: 4 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
security
software
aixcc
Friends don’t let friends reuse nonces
By Joe DoyleIf you’ve encountered cryptography software, you’ve probably heard t...
2024-9-13 21:0:54 | 阅读: 6 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
tux
alice
noise
reuse
Sanitize your C++ containers: ASan annotations step-by-step
By Dominik Klemba and Dominik CzarnotaAddressSanitizer (ASan) is a compiler plug...
2024-9-10 21:0:42 | 阅读: 11 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
memory
annotations
asan
annotate
contiguous
“Unstripping” binaries: Restoring debugging information in GDB with Pwndbg
By Jason AnGDB loses significant functionality when debugging binaries that lack...
2024-9-6 21:0:21 | 阅读: 6 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
pwndbg
dumping
structs
stripped
What would you do with that old GPU?
read file error: read notes: is a directory...
2024-9-5 21:0:11 | 阅读: 9 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
gpus
analysis
datalog
Provisioning cloud infrastructure the wrong way, but faster
By Artem DinaburgToday we’re going to provision some cloud infrastructure the Ma...
2024-8-27 21:0:6 | 阅读: 5 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
claude
cloud
chatgpt
passwords
coded
“YOLO” is not a valid hash construction
By Opal WrightAmong the cryptographic missteps we see at Trail of Bits, “let’s b...
2024-8-21 21:0:51 | 阅读: 4 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
alice
memory
yolomac
k1
compute
We wrote the code, and the code won
By Tjaden HessEarlier this week, NIST officially announced three standards speci...
2024-8-15 19:50:31 | 阅读: 3 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
dsa
slh
transition
codebase
pqc
Trail of Bits Advances to AIxCC Finals
Trail of Bits has qualified for the final round of DARPA’s AI Cyber Challenge (AI...
2024-8-13 07:23:13 | 阅读: 21 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
aixcc
competition
darpa
buttercup
Trail of Bits’ Buttercup heads to DARPA’s AIxCC
With DARPA’s AI Cyber Challenge (AIxCC) semifinal starting today at DEF CON 2024,...
2024-8-9 21:10:29 | 阅读: 31 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
buttercup
competition
aixcc
Beyond the best: A new era of recommendations
By Josiah DykstraWe continuously aim to question assumptions and challenge conve...
2024-8-7 21:0:41 | 阅读: 2 |
收藏
|
Trail of Bits Blog - blog.trailofbits.com
advice
readers
phrase
thoughtful
integrating
Previous
-74
-73
-72
-71
-70
-69
-68
-67
Next