Introducing Choronzon: an approach at knowledge-based evolutionary fuzzing

CENSUS researchers Nikolaos Naziridis and Zisis Sialveras have recently presented their research on knowledge-based evolutionary fuzzing, at ZeroNights 2015 in Moscow, Russia. The talk introduced a cross-platform evolutionary fuzzing framework, that will be released as a free and open-source tool.

The road to efficient Android fuzzing

In the aftermath of the recent Android stagefright vulnerabilities, efficient fuzz testing techniques and tools for the Android ecosystem are again in the spotlight. In this post we would like to share some of the fuzz testing experience we have gained through our projects and show how it can be applied in the Android world. Additionally, we’ll enlist some of the public contributions we’ve made to open source tools aiming to help the community focus more on the target and less on the tooling.

Introducing wifiphisher - BSides London 2015

Hello. My name is George Chatzisofroniou (@_sophron) and I work as a security engineer at CENSUS. This summer I gave a talk at BSides London. The talk was called ‘Introducing wifiphisher, a tool for automated WiFi phishing attacks’ and revolved around the recently published tool.

Fuzzing Objects d’ART — Hack In The Box 2015 Amsterdam

Hello, my name is Anestis Bechtsoudis and I’m a security engineer at CENSUS. I recently gave a talk on Android ART runtime fuzzing techniques at the Hack-in-the-Box 2015 Amsterdam security conference. The talk entitled “Fuzzing Objects d’ART — Digging Into the New Android L Runtime Internals”, analyzed a series of DEX smart fuzzing techniques targeting the bytecode optimization and compilation components of the new Android ART runtime.