tags: firefox, fuzzing, ipc | original link: IPC Fuzzing with Snapshots | newsletter link: exploits.club Weekly Newsletter 27


Exploits Club Summary:

@mozdeco from Mozilla released a post on the company's security blog detailing the new IPC fuzzing technique they have implemented for Firefox. The stack uses Nyx for full-VM snapshots and AFL++ as the fuzzing frontend, plus an open-source custom agent that handles several supporting tasks in between. The write-up then details how this stack is used to fuzz a single IPC message in isolation, and how code coverage is tracked.