progscrape: blog.trailofbits.com

The $1.5B Bybit Hack

41 days ago blog.trailofbits.com security

Don't Recurse on Untrusted Input

40 days ago blog.trailofbits.com

Best practices for key derivation

2 months ago blog.trailofbits.com cryptography

Attestations: A new generation of signatures on PyPI

4 months ago blog.trailofbits.com cryptography python security

A deep dive into Linux's new mseal syscall

5 months ago blog.trailofbits.com linux security

Fuzzing between the lines in popular barcode software

5 months ago blog.trailofbits.com security

Microsoft didn't sandbox Windows Defender, so I did (2017)

5 months ago blog.trailofbits.com microsoft windows

Friends don’t let friends reuse nonces

6 months ago blog.trailofbits.com cryptography security

"Unstripping" binaries: Restoring debugging information in GDB with Pwndbg

7 months ago blog.trailofbits.com debugging reversing

Why You Should Stop Using RSA: A Deep Dive Into Its Security Pitfalls

6 months ago blog.trailofbits.com rsa

Notes on AWS Nitro Enclaves: Attack Surface

6 months ago blog.trailofbits.com aws

AWS Nitro Enclaves: Attack Surface

6 months ago blog.trailofbits.com aws

Provisioning cloud infrastructure the wrong way, but faster

7 months ago blog.trailofbits.com security

“YOLO” is not a valid hash construction

7 months ago blog.trailofbits.com cryptography hash

Our audit of Homebrew

8 months ago blog.trailofbits.com ruby security

Quantum is unimportant to post-quantum

9 months ago blog.trailofbits.com cryptography security

AES-Gem (AES with Galois Extended Mode)

8 months ago blog.trailofbits.com aes

EuroLLVM 2024 trip report

9 months ago blog.trailofbits.com compiler

The good, the bad, and the weird (2018)

9 months ago blog.trailofbits.com

Themes from Real World Crypto 2024

9 months ago blog.trailofbits.com cryptography

The life and times of an Abstract Syntax Tree

11 months ago blog.trailofbits.com compiler

The life of an optimization barrier

10 months ago blog.trailofbits.com rust wasm

A peek into build provenance for Homebrew

10 months ago blog.trailofbits.com cryptography ruby security

Introducing Ruzzy, a coverage-guided Ruby fuzzer

12 months ago blog.trailofbits.com ruby security testing

Read code like a pro with our weAudit VSCode extension

12 months ago blog.trailofbits.com security

Why fuzzing over formal verification?

12 months ago blog.trailofbits.com

How we applied fuzzing techniques to cURL

13 months ago blog.trailofbits.com security testing web

Cloud cryptography demystified: Amazon Web Services

13 months ago blog.trailofbits.com amazon cryptography web

Security flaws in an SSO plugin for Caddy (2023)

13 months ago blog.trailofbits.com

appsec.guide just got a new chapter on fuzzing

13 months ago blog.trailofbits.com security testing

>progscrape ▒

All the news that's fit to scrape

Display options