adrianherrera.bsky.social
Security researcher with a penchant for programming language theory. Building fuzzers @interruptlabs.bsky.social. https://adrianherrera.github.io/

Our team member Man Yue Mo is back, showing a new way to bypass MTE protection on Android phones with CVE-2025-0072. github.blog/security/vul...

Happy to share my upcoming #ATC25 paper w/ @snagycs.bsky.social: "BIN2WRONG: a Unified Fuzzing Framework for Uncovering Semantic Errors in Binary-to-C Decompilers"! Bin2Wrong creates binaries by mutating source, compiler, optimizations, and format—revealing 48 new bugs in 7 decompilers! 💪

We're happy to announce a new release of our #Rust bindings for idalib. What's new:
- New APIs for working with IDBs, segments, and more
- Rust 2024 support
- New homepage: idalib.rs

H/T to our contributors @yeggor.bsky.social & @raptor.infosec.exchange.ap.brid.gy github.com/binarly-io/i...

with offensivecon around the corner, i figured id write another post on linux kernel exploitation techniques - this time i cover the world of page table exploitation! enjoy 🤓 sam4k.com/page-table-k...

Gave a talk on external fuzzing of Linux kernel USB drivers with syzkaller at SAFACon. Includes a demonstration of how to rediscover CVE-2024-53104, an out-of-bounds bug in the USB Video Class driver. Slides: docs.google.com/presentation...

Wrote a lil' guide to help get people started with the 🆕 `ipsw` AI decompiler 📖 blacktop.github.io/ipsw/docs/gu...

Can confirm the hardware lab is pretty cool 😎

In today's #AST2025 keynote on our new #Fandango fuzzer, I presented ongoing extensions for protocol fuzzing, oracle checking, coverage guidance, much more. Slides now available: conf.researchr.org/details/ast-...

Fuzzing Windows ARM64 binaries with a DBI and LLVM? Here we go: www.romainthomas.fr/post/25-04-w...

I'm proud to announce that myself and @AtipriyaBajaj have created the Workshop on Software Understanding and Reverse Engineering (SURE), which will be co-located at CCS 2025. sure-workshop.org/ Please follow our workshop account @sureworkshop and RT it for visibility :).

Just skimmed over it so far but looks like a nice overview on snapshot fuzzing by @theoabel.com fuzzinglabs.com/state-of-lin...

the guy who reversed the denuvo drm @momo5502.bsky.social works on a high-perf windows emulator for security research. I noticed that it supports icicle as a backend, a fuzzing-specific emulator. awesome to see academic work being continuously developed and making it into the real world

About to celebrate Easter with your family but don't know what to talk about at the table? Then don't lose time and read our new article about RPAC! Written by @zadig.trollab.org ! blog.epsilon-sec.com/cve-2025-312...

“15,000 lines of verified cryptography now in Python” Nice write up on integrating the hash and HMAC routines from the HACL* verified crypto library into Python 🎉 jonathan.protzenko.fr/2025/04/18/p...

My new blog post, which I presented at #Zer0Con2025 A binary level macOS KEXT kernel address sanitizer r00tkitsmm.github.io/fuzzing/2025...

What do you get if you combine #grammars, #constraints, #evolutionary algorithms, and #Python in one? A mighty fuzzer! Check out our latest #FANDANGO work, to appear at #ISSTA2025: publications.cispa.de/articles/sta... To try out Fandango yourself, check out its home page: fandango-fuzzer.github.io

From firmware dumps to wireless exploration — check out our latest dive into DVB receiver analysis and the hidden attack surface it exposes! www.synacktiv.com/en/publicati...

Fun fact: you can attach to the gdbserver exposed by #rr and do #TimeTravelDebugging from #Ghidra :) UX is similar to ret-sync. Original->

Saturday morning read: “QUIC-Fuzz: An Effective Greybox Fuzzer For The QUIC Protocol” arxiv.org/abs/2503.19402

Check out our work on automated testing of MLIR compilers, which Jacob Yu will present at @ASPLOSConf next week (joint work with Nick Wu) www.doc.ic.ac.uk/~afd/papers/...

There's still time to submit to FUZZING'25! This year, we're accepting both the (now classic) registered reports _and_ new short papers (fuzzing nuggets). Deadline is now March 26th! fuzzingworkshop.github.io

Looks fun! Under-constrained symbolic execution for ARM, PPC, and x86 binaries + LLM bitcode. Also plugs into Ghidra.

Need a fuzzing harness? No time to write one? Tired of false-positives? Let OGHarn lead the way to bug discovery!🐞 I'm excited to share my paper(with @snagycs.bsky.social)"No Harness, No Problem: Oracle-guided Harnessing for Auto-generating C API Fuzzing Harnesses" at @icseconf.bsky.social 2025!

libAFL is a beast. it has so many settings to tweak, different modes to select and the code can be quite scary at first. but writing a target-specific custom fuzzer is super powerful! to get started, Trail of Bits just published a nice primer: appsec.guide/docs/fuzzing...

My total rewrite of the instructions on cross-compiling Clang/LLVM for Linux using Clang/LLVM for Linux has now landed. If you want to cross-compile LLVM without getting angry - this is your guide! llvm.org/docs/HowToCr...

Really enjoyed speaking at the inaugural edition of @re-verse.io! You can find Tomasz' and my slides on tricks with SIMs and interposers here: tinyurl.com/reverse25-si...

I had a blast speaking and being at the RE//verse conference! so many cool people and great discussions on firmware, fuzzing, ai and binary analysis if you want to find out more about firmware rehosting or are an enjoyer of ascii diagrams, check out the slides to my talk below :)

If you are looking for my slides from my Reverse talk, you can find it and useful artifacts here: github.com/mahaloz/t...

Only a week and a half left for USENIX WOOT '25 conference submissions - deadline March 11 AoE. We’re looking forward to seeing even more of your amazing offensive security papers this year! And still a few days for up-and-coming track (March 4). CfP at www.usenix.org/conference/w...

We @binarly.bsky.social are pleased to announce a new release of our Rust bindings for Hex-Rays IDA Pro (crates.io/crates/idalib) with support for the latest v9.1 release! Special thanks to @yeggor.bsky.social for taking care of the changes needed to make everything compatible with this release!

Interested in #fuzzing #hypervisors? With Truman we create precise device models that are state-aware and precisely mutate message sequences #NDSS25 nebelwelt.net/blog/2025/02...

Did you always want to fuzz with #MSan but were worried about false positives? Fear no more, with QMsan #NDSS25, we create a binary-rewriting based approach that reduces false positives efficiently! nebelwelt.net/blog/2025/02...

Thrilled to share that our work type++, a novel C++ dialect designed to eliminate type confusion by design, won the Best Paper Award at #NDSS25! 🏆🚀 #EPFL #RUB @gannimo.bsky.social Nicolas Badoux Yuseok Jeon www.ndss-symposium.org/wp-content/u...

Logic.py: Bridging the gap between LLMs and constraint solvers. ~ Pascal Kesseli, Peter O'Hearn, Ricardo Silveira Cabral. arxiv.org/abs/2502.15776 #LLMs #Logic #SAT #SMT

#FUZZING'25 CALL FOR PAPERS
──────
✨ New OC members:
* Ruijie Meng (@ruijiemeng.bsky.social; NUS)
* Rohan Padhye (@rohan.padhye.org; CMU).
✨ New paper type: Fuzzing Nuggets (short papers).
🔗 fuzzingworkshop.github.io
📅 20.March (Submission)
📅 17.April (Notification)
📅 28.June (Workshop)