Golang Security
@GolangSecurity
News about #golang Security and Fuzzing. Not affiliated with @golang team.
คุณอาจชื่นชอบ
Hey #Gophers, If you want to learn how to fuzz @golang libraries using go-fuzz, check this #golang course 👇 academy.fuzzinglabs.com/introduction-g…
Several years ago, I wrote an article on #golang package design and styling which became quite popular. NotebookLM generated a podcast for it and it's ridiculous: - They have nice analogies. - They developed new ideas like keeping types closer help debugging. - They know how Go…
📡 [Monthly Fuzzing] June 2024 Here is the latest fuzzing news released last month! 📺 Videos/Podcasts FuzzyAI: Attacking LLMs With Coverage-Guided Fuzzing - youtu.be/hBPiiaUiOH8?si… Your NVMe Had Been Syz'ed - youtu.be/Jc25CM1Ppgo?si… Linux Fuzzing Tutorial with AFL Fuzzer -…
![FuzzingLabs's tweet image. 📡 [Monthly Fuzzing] June 2024
Here is the latest fuzzing news released last month!
📺 Videos/Podcasts
FuzzyAI: Attacking LLMs With Coverage-Guided Fuzzing - youtu.be/hBPiiaUiOH8?si…
Your NVMe Had Been Syz'ed - youtu.be/Jc25CM1Ppgo?si…
Linux Fuzzing Tutorial with AFL Fuzzer -…](https://pbs.twimg.com/media/GPZ6o4pa0AM5Vj4.jpg)
✨ Check out the second blog post in our series on Supply chain security for Go, by @JQiu25 and @roger2hk. Learn how Go helps you ensure reproducible builds and download trustworthy dependencies 👇 goo.gle/3NSoWsr
🎉 Go 1.20.6 and 1.19.11 are released! 🔐 Security: Includes security fixes for CVE-2023-29406 and Go issue go.dev/issue/60374 📢 Announcement: groups.google.com/g/golang-annou… 📦 Download: go.dev/dl/#go1.20.6 #golang
🔴 New video about #GPT4 for cyber-security usage and in particular bug bounty, audit, and pentesting. youtu.be/oz_GLVbJllI In this video, I gave some snippets of code to #ChatGPT and I ask him to find vulnerabilities for me. It's mind-blowing, it even found some 0 days 🔥💸
youtube.com
YouTube
GPT-4 for Bug Bounty, Audit & Pentesting?? He actually found some...
🤯 Fun fact: you can now build coverage-instrumented programs using “go build -cover”, then feed these instrumented binaries into an integration test to extend the scope of coverage testing.
Juggling with software development?🤹♂️ This week Damian Gryski (@dgryski), a Principal Software Developer at Fastly, takes us through his journey. 🤓Being advanced in high school 🤹Interest in juggling 👨💻Getting into Golang 🎙️Watch here: youtu.be/47fXlIpi1FY
🎊 Go 1.20 Release Candidate 3 is released! 🏃♀️ Run it in dev! Run it in prod! File bugs! go.dev/issue/new 🗣 Announcement: groups.google.com/g/golang-annou… 🚚 Download: go.dev/dl/#go1.20rc3 #golang
📣 VS Code Go v0.37.0 is released! 🎉 ✨This includes new analysis features that report known vulnerabilities in your dependencies.🕵️ ✏️ Release Note: github.com/golang/vscode-… 🙏Feedback on vulncheck: go.dev/s/vsc-vulnchec… ☝️File bugs: go.dev/s/vscode-issue… #VSCodeGo
😎 Fuzz testing made easy. Check out this code demo from @katie_hockman of a bug being found, fixed, and tested in real time using fuzzing ➡ goo.gle/3ELVEr6
📦 The Go team is looking to add a new package to the standard library for structured logging. Jonathan Amsterdam covered what this means at Go Day 2022. Tune in 👉 goo.gle/3GF6kZU
🥳 Go 1.19.4 and 1.18.9 are released! 🔏 Security: Includes security fixes for net/http (CVE-2022-41717, CVE-2022-41720) and os (CVE-2022-41720). 📢 Announcement: groups.google.com/g/golang-annou… 📦 Download: go.dev/dl/#go1.19.4 #golang
It's just mind-blowing! 🤯 it's so impressive that #ChatGPT is able to answer such complex subjects as exploitation, reversing, decompilation, fuzzing, etc. youtu.be/mh7wzbWAHFE I made a video about some mind-blowing examples/usages for security research and engineers.
youtube.com
YouTube
🤯 Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec &...
⚡🔐 Write applications faster and more securely with Go! @OSSCody discussed some of the new and upcoming security features in Go at Go Day 2022. Watch to learn about the new govulncheck command, and how to write fuzz tests → goo.gle/3ueRrpv
🎉 24 hours until Go Day 2022 on #GoogleOSLive! Join us November 3rd to learn about: 💻 Structured Logging for Go 📝 Writing your Applications Faster and More Securely with Go ...and more! Register 👉 goo.gle/GoDay_22
"Gobra is an automated, modular verifier for Go programs, based on the Viper verification infrastructure. Go is targeted at high performance applications running in potentially distributed settings and on multicore machines." pm.inf.ethz.ch/research/gobra…
That's exactly why we are using usually using differential fuzzing to find this kind of logic bugs. It could have been catch easily if they got at least two implementation of IAVL.
so basically, Binance Bridge (BNB Beacon Chain <> Smart Chain) uses ICS-20 for token transfers, but on the BSC side, instead of ibc-go it uses a custom precompile contract for packet verification, which contains a bug to some extend, you can say the IBC protocol got exploited
To become a better Gopher, you should study the source code of the packages you use. Not only will you better understand how they work, but you'll also learn what patterns they use in practice. #golang
Finally got around to finishing my @semgrep rule to rewrite old-style go-fuzz tests to new native-fuzzing ones: github.com/dgryski/semgre… #golang
🥳 We're honored to be a sponsor at this year’s #GopherCon We can’t wait to be reunited with our fellow Gophers on Oct 6th-8th at the Marriott Marquis in Chicago! Register for your spot today → goo.gle/3LZjBx7
United States เทรนด์
- 1. D’Angelo 110K posts
- 2. D’Angelo 110K posts
- 3. Brown Sugar 10.1K posts
- 4. Black Messiah 4,326 posts
- 5. #GoodTimebro 1,434 posts
- 6. Powell 30.7K posts
- 7. Happy Birthday Charlie 106K posts
- 8. Voodoo 10.3K posts
- 9. How Does It Feel 5,370 posts
- 10. #BornOfStarlightHeeseung 73.6K posts
- 11. Rest in Power 11.2K posts
- 12. #csm217 3,410 posts
- 13. Alex Jones 24.1K posts
- 14. Sandy Hook 8,854 posts
- 15. Pentagon 90.6K posts
- 16. Osimhen 62.1K posts
- 17. #PortfolioDay 7,433 posts
- 18. Neo Soul 1,079 posts
- 19. Jill Scott N/A
- 20. #tuesdayvibe 5,875 posts
คุณอาจชื่นชอบ
-
GoLang Trends
@GolangTrends -
golangbot
@bot_golang -
GopherCon Europe
@gopherconeu -
GoLab
@golab_conf -
🇺🇦 Go performance channel
@go_perf -
Golang News & Libs & Jobs - human 🗣️ , no 🤖
@golangch -
Russ Cox
@_rsc -
golangprojects
@golangprojects -
GoLand, a JetBrains IDE
@GoLandIDE -
GopherCon
@GopherCon -
zigo 101 - Zig + Go
@zigo_101 -
Jon Calhoun
@joncalhoun -
Ardan Labs
@ardanlabs -
William (Bill) Kennedy
@goinggodotnet
Something went wrong.
Something went wrong.