pwnpope



LibAFL | Babies first coverage-guided fuzzer

󰃭 2024-12-30 |  #coverage-guided fuzzing #fuzzing #LibAFL

I recently got the chance to give a talk at work titled fuzzing with LibAFL and finding 0days fast (hopefully). My goal by the end of this is to guide you through building your first fuzzer using LibAFL in a whitebox setting. We will be fuzzing an example C program I built and statically linking the function of interest into our fuzzer.

Continue reading 

Automating triggering _int_free for faster pwnage

󰃭 0001-01-01 |  #_int_free #automation #heap #pwn

I played in LACTF 2025 and I wanted to quickly share how I was able to automate triggering sysmalloc->_int_free for faster pwnage and calling free at will instead of having to do it manually each time. The challenge that I made the functionality for was called lamp, by enzocut.

Continue reading 