Team Research blog
In our latest blog post, we introduce coverage-guided fuzzing with a brief description of fundamentals and a demonstration of how modifying program instrumentation can be used to more easily track down the source of vulnerabilities and identify interesting fuzzing paths.
Finding deserialization functions accepting user input can be exciting, but what’s your plan if well-known gadget chains aren’t an option for exploitation? In this post, we explore the process of building a custom gadget chain to exploit deserialization vulnerabilities in Ruby.
We customize and use Semgrep a lot during our security assessments at IncludeSec because it helps us quickly locate potential areas of concern within large codebases. Static analysis tools (SAST) such as Semgrep are great for aiding our vulnerability hunting efforts and usually can be tied into Continuous Integration (CI) pipelines to help developers catch … Read more