dmnk
@dmnk.bsky.social
【DΞCOMPILΞ NΣVΞR】
Android Red Team @google
Fuzzing @aflplusplus.bsky.social
CTF @enoflag
(opinions my own)
Android Red Team @google
Fuzzing @aflplusplus.bsky.social
CTF @enoflag
(opinions my own)
Reposted by dmnk
I've uploaded the slides of my recent talk "JS Engine Security in 2025": saelo.github.io/presentation.... I think there'll also be a recording available at some point (otherwise I can make one as not everything's in the slides).
Fantastic conference as usual, big thanks to the PoC Crew!
Fantastic conference as usual, big thanks to the PoC Crew!
saelo.github.io
November 24, 2025 at 9:58 AM
I've uploaded the slides of my recent talk "JS Engine Security in 2025": saelo.github.io/presentation.... I think there'll also be a recording available at some point (otherwise I can make one as not everything's in the slides).
Fantastic conference as usual, big thanks to the PoC Crew!
Fantastic conference as usual, big thanks to the PoC Crew!
I shouldn's have cancelled my Pebble preorder
www.youtube.com/shorts/n1UEX...
www.youtube.com/shorts/n1UEX...
Pebblemon - Optimized for Pebble 2 Duo
YouTube video by Harrison Allen
www.youtube.com
November 23, 2025 at 1:32 PM
I shouldn's have cancelled my Pebble preorder
www.youtube.com/shorts/n1UEX...
www.youtube.com/shorts/n1UEX...
Reposted by dmnk
Finding 0day is the one unsaturated LLM eval left
November 18, 2025 at 5:26 PM
Finding 0day is the one unsaturated LLM eval left
Great blog post 🦀🦀🦀
With Rust development surpassing C++ in the Android platform in 2025, we can start making reliable comparisons.
Rollback rates, code review latency, vulnerability density, and a CVE with a twist.
security.googleblog.com/2025/11/rust...
Rollback rates, code review latency, vulnerability density, and a CVE with a twist.
security.googleblog.com/2025/11/rust...
Rust in Android: move fast and fix things
Posted by Jeff Vander Stoep, Android Last year, we wrote about why a memory safety strategy that focuses on vulnerability prevention in ...
security.googleblog.com
November 18, 2025 at 10:25 AM
Great blog post 🦀🦀🦀
Reposted by dmnk
Crashing calculators and CAD editors? GUIFuzz++ is finally here to help make them better! 🔥
Come see my undergraduate student @trowlett0.bsky.social's very first paper "GUIFuzz++" at @aseconf.bsky.social this Wednesday.
Also now integrated in @aflplusplus.bsky.social! 😃
github.com/AFLplusplus/...
Come see my undergraduate student @trowlett0.bsky.social's very first paper "GUIFuzz++" at @aseconf.bsky.social this Wednesday.
Also now integrated in @aflplusplus.bsky.social! 😃
github.com/AFLplusplus/...
November 17, 2025 at 9:02 PM
Crashing calculators and CAD editors? GUIFuzz++ is finally here to help make them better! 🔥
Come see my undergraduate student @trowlett0.bsky.social's very first paper "GUIFuzz++" at @aseconf.bsky.social this Wednesday.
Also now integrated in @aflplusplus.bsky.social! 😃
github.com/AFLplusplus/...
Come see my undergraduate student @trowlett0.bsky.social's very first paper "GUIFuzz++" at @aseconf.bsky.social this Wednesday.
Also now integrated in @aflplusplus.bsky.social! 😃
github.com/AFLplusplus/...
Reposted by dmnk
It is time for the annual State of Rust Survey! 📝✨️️
Whether you've just begun using Rust, are an experienced Rust user, stopped using Rust, or might use Rust in the future, we'd like to hear from you! 🦀
Available in ten languages and open until December 17th: blog.rust-lang.org/2025/11/17/l...
Whether you've just begun using Rust, are an experienced Rust user, stopped using Rust, or might use Rust in the future, we'd like to hear from you! 🦀
Available in ten languages and open until December 17th: blog.rust-lang.org/2025/11/17/l...
Launching the 2025 State of Rust Survey | Rust Blog
Empowering everyone to build reliable and efficient software.
blog.rust-lang.org
November 17, 2025 at 4:26 PM
It is time for the annual State of Rust Survey! 📝✨️️
Whether you've just begun using Rust, are an experienced Rust user, stopped using Rust, or might use Rust in the future, we'd like to hear from you! 🦀
Available in ten languages and open until December 17th: blog.rust-lang.org/2025/11/17/l...
Whether you've just begun using Rust, are an experienced Rust user, stopped using Rust, or might use Rust in the future, we'd like to hear from you! 🦀
Available in ten languages and open until December 17th: blog.rust-lang.org/2025/11/17/l...
Reposted by dmnk
Doctor says, 'Dont worry, parser design is simple. Great programmer Kate Compton has written the parser you seek’
November 16, 2025 at 2:44 PM
Doctor says, 'Dont worry, parser design is simple. Great programmer Kate Compton has written the parser you seek’
Reposted by dmnk
LibAFL 0.15.4 has just been released 🎉
Of the 30 Contributers for this release, almost half are new faces <3
github.com/AFLplusplus/...
#Fuzzing #LibAFL #AFLplusplus
Of the 30 Contributers for this release, almost half are new faces <3
github.com/AFLplusplus/...
#Fuzzing #LibAFL #AFLplusplus
Release 0.15.4 · AFLplusplus/LibAFL
Highlights
DumpTargetBytesToDiskStage can to dump complex inputs to disk as bytes
CmpLog implementation is now consistent with AFL++ to share targets back and forth
Updated and fixed ForkserverByt...
github.com
November 12, 2025 at 3:31 PM
LibAFL 0.15.4 has just been released 🎉
Of the 30 Contributers for this release, almost half are new faces <3
github.com/AFLplusplus/...
#Fuzzing #LibAFL #AFLplusplus
Of the 30 Contributers for this release, almost half are new faces <3
github.com/AFLplusplus/...
#Fuzzing #LibAFL #AFLplusplus
"You are a smart and handsome software engineer"
Prompt engineering is just drag for computers 💅
Prompt engineering is just drag for computers 💅
November 10, 2025 at 2:38 PM
"You are a smart and handsome software engineer"
Prompt engineering is just drag for computers 💅
Prompt engineering is just drag for computers 💅
Reposted by dmnk
Some more cool JS Engine bugs found by Big Sleep were fixed in yesterday's Apple security updates: support.apple.com/en-us/125632
Technical details will be available soon at issuetracker.google.com/issues?q=com...
Technical details will be available soon at issuetracker.google.com/issues?q=com...
About the security content of iOS 26.1 and iPadOS 26.1 - Apple Support
This document describes the security content of iOS 26.1 and iPadOS 26.1.
support.apple.com
November 4, 2025 at 5:10 PM
Some more cool JS Engine bugs found by Big Sleep were fixed in yesterday's Apple security updates: support.apple.com/en-us/125632
Technical details will be available soon at issuetracker.google.com/issues?q=com...
Technical details will be available soon at issuetracker.google.com/issues?q=com...
Reposted by dmnk
support.apple.com/en-us/125632
the name "big sleep" feels a lot more insulting now that its really threatening to take our jobs
the name "big sleep" feels a lot more insulting now that its really threatening to take our jobs
About the security content of iOS 26.1 and iPadOS 26.1 - Apple Support
This document describes the security content of iOS 26.1 and iPadOS 26.1.
support.apple.com
November 4, 2025 at 5:19 PM
support.apple.com/en-us/125632
the name "big sleep" feels a lot more insulting now that its really threatening to take our jobs
the name "big sleep" feels a lot more insulting now that its really threatening to take our jobs
What is my purpose
You provide entropy
Oh
You provide entropy
Oh
November 4, 2025 at 5:37 PM
What is my purpose
You provide entropy
Oh
You provide entropy
Oh
Neat idea: Snapshot fuzzing from a certain point deeper in the target (with +- complex state), then use an AI Agent to trigger that point. Fuzzer goes brrr
Gaetano's paper on Scaling Security Testing by Adressing the Reachability Gap has been accepted at #ICSE26!
📝 gpsapia.github.io/files/ICSE_2...
🧑💻 github.com/GPSapia/Reac...
How to scale automatic security testing to arbitrary systems?
📝 gpsapia.github.io/files/ICSE_2...
🧑💻 github.com/GPSapia/Reac...
How to scale automatic security testing to arbitrary systems?
November 4, 2025 at 1:04 AM
Neat idea: Snapshot fuzzing from a certain point deeper in the target (with +- complex state), then use an AI Agent to trigger that point. Fuzzer goes brrr
Reposted by dmnk
We derestricted crbug.com/382005099 today which might just be my favorite bug of the last few years: bad interaction between WebAudio changing the CPU's handling of floats and V8 not expecting that. See crbug.com/382005099#co... for a PoC exploit. Also affected other browsers
October 29, 2025 at 2:27 PM
We derestricted crbug.com/382005099 today which might just be my favorite bug of the last few years: bad interaction between WebAudio changing the CPU's handling of floats and V8 not expecting that. See crbug.com/382005099#co... for a PoC exploit. Also affected other browsers
Reposted by dmnk
TLDR; The PSF has made the decision to put our community and our shared diversity, equity, and inclusion values ahead of seeking $1.5M in new revenue. Please read and share. pyfound.blogspot.com/2025/10/NSF-...
🧵
🧵
The official home of the Python Programming Language
www.python.org
October 27, 2025 at 2:47 PM
TLDR; The PSF has made the decision to put our community and our shared diversity, equity, and inclusion values ahead of seeking $1.5M in new revenue. Please read and share. pyfound.blogspot.com/2025/10/NSF-...
🧵
🧵
Get Low though.. 🔥
Born Too Slow on the NFS:Underground OST was a cultural reset
open.spotify.com/playlist/1Qr...
open.spotify.com/playlist/1Qr...
Need for Speed: Underground
open.spotify.com
October 26, 2025 at 3:17 AM
Get Low though.. 🔥
Must-read for fuzzing folks (read: tooling/algorithms/academia) by Addison Crump
addisoncrump.info/research/wha...
addisoncrump.info/research/wha...
What the hell are we doing? · Addison Crump
Homepage for Addison Crump
addisoncrump.info
October 26, 2025 at 3:16 AM
Must-read for fuzzing folks (read: tooling/algorithms/academia) by Addison Crump
addisoncrump.info/research/wha...
addisoncrump.info/research/wha...
Reposted by dmnk
A sandwich is $3000 but if you want meat that's another $1500 and oh if you want lettuce that's another $1500. Mustard? You're not gonna believe this
October 25, 2025 at 7:56 PM
A sandwich is $3000 but if you want meat that's another $1500 and oh if you want lettuce that's another $1500. Mustard? You're not gonna believe this
I prefer Ghidra&Frida, but...
October 25, 2025 at 6:10 PM
I prefer Ghidra&Frida, but...