Hacker News

AFL is not that smart. If you only do bit flips on the inputs, then fuzzing a JavaScript engine/DOM engine will take forever. The "domino" (Mozilla internal tool) looks quite powerful as it generates semantically correct DOM. Sadly, it is not open source. Google has a tool designed specifically to fuzz JavaScript engines, Fuzzilli[1], which hackers have been using for bug hunting.

[1]: https://github.com/googleprojectzero/fuzzilli
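An added illustration of that point, not code from the thread, from AFL or from Fuzzilli: it assumes Node.js, stacks a few random bit flips onto a constructed seed program and compares how often the engine even parses the result with the output of a tiny grammar-driven generator, whose programs are valid by construction.

```javascript
// Added example (not from the thread, AFL or Fuzzilli). Assumes Node.js
// (TextEncoder, Function). Deterministic PRNG so the experiment is repeatable.
function makeRng(seed) {
  let s = seed >>> 0;
  return () => {
    s = (Math.imul(s, 1664525) + 1013904223) >>> 0;
    return s / 0x100000000;
  };
}
// Syntax check only: the Function constructor parses the source, never runs it.
function parses(src) {
  try { new Function(src); return true; } catch (e) { return false; }
}
// AFL-style stacked bit flips on the raw bytes of a seed program.
function bitFlipMutant(seed, rng, flips) {
  const bytes = new TextEncoder().encode(seed);
  for (let i = 0; i < flips; i++) {
    const pos = Math.floor(rng() * bytes.length);
    bytes[pos] ^= 1 << Math.floor(rng() * 8);
  }
  return Array.from(bytes, b => String.fromCharCode(b)).join(""); // keep every byte
}
// A tiny statement/expression grammar: every derivation is syntactically valid.
function genExpr(rng, depth) {
  if (depth <= 0 || rng() < 0.3) return rng() < 0.5 ? "x" : String(Math.floor(rng() * 10));
  const ops = ["+", "-", "*", "<", "==="];
  const op = ops[Math.floor(rng() * ops.length)];
  return "(" + genExpr(rng, depth - 1) + " " + op + " " + genExpr(rng, depth - 1) + ")";
}
function grammarProgram(rng) {
  const body = [];
  const n = 1 + Math.floor(rng() * 4);
  for (let i = 0; i < n; i++) {
    const e = genExpr(rng, 3);
    body.push(rng() < 0.5 ? `x = ${e};` : `if (${e}) { x = ${e}; }`);
  }
  return "var x = 0; " + body.join(" ");
}
// Fraction of n generated inputs the engine accepts as syntactically valid.
function parseRate(generate, n, seed) {
  const rng = makeRng(seed);
  let ok = 0;
  for (let i = 0; i < n; i++) if (parses(generate(rng))) ok++;
  return ok / n;
}
const SEED_PROGRAM = "var x = 1 + 2; if (x > 2) { x = x * 3; }"; // constructed seed
const bitFlipRate = parseRate(rng => bitFlipMutant(SEED_PROGRAM, rng, 4), 500, 1);
const grammarRate = parseRate(grammarProgram, 500, 1);
console.log({ bitFlipRate, grammarRate });
```

The gap between the two rates is the reason grammar-aware generators exist: a mutational fuzzer spends most of its budget on inputs the parser rejects before any engine logic runs.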


I wonder why domino hasn't been released? Is Mozilla selling it to other companies?


Because it often finds security issues in our code: see the graph at the end of the blog post.

If open source, this fuzzer could be used against our users...

AFAIK, Mozilla doesn't sell any software!


Mozilla sells VPN products ;) But no, not these tools.


VPN products are more like a service than selling software.

