Disclosing Shamir’s Secret Sharing vulnerabilities and announcing ZKDocs By Filipe Casal and Jim MillerTrail of Bits is publicly disclosing two bugs that... 2021-12-21 20:0:4 | 阅读: 41 | 收藏 | blog.trailofbits.com schemes polynomial threshold network swingby

Detecting MISO and Opyn’s msg.value reuse vulnerability with Slither By Simone MonicaOn August 18, 2021, samczsun reported a critical vulnerability i... 2021-12-17 03:00:49 | 阅读: 59 | 收藏 | blog.trailofbits.com slither detectors sol payable

What does your code use, and is it vulnerable? It-depends! You just cloned a fresh source code repository and want to get a quick sense of i... 2021-12-16 22:00:14 | 阅读: 50 | 收藏 | blog.trailofbits.com repository library python autotools

MUI: Visualizing symbolic execution with Manticore and Binary Ninja By Alan Chang, University of OxfordDuring my summer internship, I had the wonder... 2021-11-17 21:00:55 | 阅读: 54 | 收藏 | blog.trailofbits.com mui symbolic manticore internship evm

How to choose an interesting project By Trent Brunson, Head of Research & EngineeringOriginally published on October... 2021-11-12 14:09:53 | 阅读: 42 | 收藏 | blog.trailofbits.com career trail software irad commitment

Motivating global stabilization By Samuel Moelius, Staff EngineerOriginally published on October 12, 2021Consen... 2021-11-12 00:39:56 | 阅读: 46 | 收藏 | blog.trailofbits.com gst assumption processes flp delayed

Announcing osquery 5: Now with EndpointSecurity on macOS By Sharvil Shah, Senior Software EngineerOriginally published on October 6, 2021... 2021-11-10 14:56:19 | 阅读: 47 | 收藏 | blog.trailofbits.com osquery osqueryi xcsnginx developer

All your tracing are belong to BPF By Alessandro Gario, Senior Software EngineerOriginally published August 11, 202... 2021-11-10 02:00:48 | 阅读: 48 | 收藏 | blog.trailofbits.com memory callee getint64 getint64ty poll

PrivacyRaven: Implementing a proof of concept for model inversion By Philip Wang, InternOriginally published August 3, 2021During my Trail of Bit... 2021-11-09 14:45:55 | 阅读: 49 | 收藏 | blog.trailofbits.com inversion classifier trained auxiliary

Discovering goroutine leaks with Semgrep By Alex Useche, Security EngineerOriginally published May 10, 2021While learnin... 2021-11-09 14:22:44 | 阅读: 48 | 收藏 | blog.trailofbits.com semgrep goroutines concurrency anonymous hanging

Write Rust lints without forking Clippy By Samuel Moelius, Staff EngineerOriginally published May 20, 2021This blog pos... 2021-11-09 14:22:40 | 阅读: 45 | 收藏 | blog.trailofbits.com dylint lints clippy lint literal

Solar: Context-free, interactive analysis for Solidity We’re hiring for our Research + Engineering team! By Aaron Yoo, University of Ca... 2021-04-02 13:52:39 | 阅读: 200 | 收藏 | blog.trailofbits.com solar overflow analysis pane constraints

A Year in the Life of a Compiler Fuzzing Campaign By Alex Groce, Northern Arizona UniversityIn the summer of 2020, we described ou... 2021-03-24 00:00:37 | 阅读: 165 | 收藏 | blog.trailofbits.com solc compilers solidity mutation fuzzer

Un-bee-lievable Performance: Fast Coverage-guided Fuzzing with Honeybee and Intel Processor Trace By Allison Husain, UC BerkeleyToday, we are releasing an experimental coverage-g... 2021-03-19 23:00:15 | 阅读: 184 | 收藏 | blog.trailofbits.com ipt honeybee honggfuzz overhead analysis

Never a dill moment: Exploiting machine learning pickle files By Evan SultanikMany machine learning (ML) models are Python pickle files und... 2021-03-16 00:06:18 | 阅读: 197 | 收藏 | blog.trailofbits.com pickle fickling python pytorch pickling

The Tao of Continuous Integration By Paul KehrerIt is a truism in modern software development that a robust contin... 2021-02-27 00:31:47 | 阅读: 188 | 收藏 | blog.trailofbits.com developers software development trivial unreliable

Serving up zero-knowledge proofs By Jim Miller, Senior Cryptography AnalystZero-knowledge (ZK) proofs are gaining... 2021-02-19 20:59:31 | 阅读: 186 | 收藏 | blog.trailofbits.com verifier prover tennis zk ball

Confessions of a smart contract paper reviewer If you’re thinking of writing a paper describing an exciting novel approach to sm... 2021-02-05 20:59:10 | 阅读: 236 | 收藏 | blog.trailofbits.com analysis papers ether blockchain meaningful

PDF is Broken: a justCTF Challenge Trail of Bits sponsored the recent justCTF competition, and our engineers helped... 2021-02-02 21:50:28 | 阅读: 252 | 收藏 | blog.trailofbits.com polyfile mutool fstream 0x1337 binwalk

Breaking Aave Upgradeability On December 3rd, Aave deployed version 2 of their codebase. While we were not hir... 2020-12-17 01:01:55 | 阅读: 267 | 收藏 | blog.trailofbits.com proxy aave sol lendingpool