Clik here to view.
Symbolic Path Merging in Manticore
Each year, Trail of Bits runs a month-long winter internship “winternship” program. This year we were happy to host 4 winterns who contributed to 3 projects. This is the first in a series of blog posts...
View ArticleFuzzing Unit Tests with DeepState and Eclipser
If unit tests are important to you, there’s now another reason to use DeepState, our Google-Test-like property-based testing tool for C and C++. It’s called Eclipser, a powerful new fuzzer very...
View ArticleClik here to view.
Binary symbolic execution with KLEE-Native
by Sai Vegasena, New York University, and Peter Goodman, Senior Security Engineer KLEE is a symbolic execution tool that intelligently produces high-coverage test cases by emulating LLVM bitcode in a...
View ArticleClik here to view.
Watch Your Language: Our First Vyper Audit
A lot of companies are working on Ethereum smart contracts, yet writing secure contracts remains a difficult task. You still have to avoid common pitfalls, compiler issues, and constantly check your...
View ArticleClik here to view.
Symbolically Executing WebAssembly in Manticore
With the release of Manticore 0.3.3, we’re proud to announce support for symbolically executing WebAssembly (WASM) binaries. WASM is a newly standardized programming language that allows web developers...
View ArticleClik here to view.
Manticore discovers the ENS bug
The Ethereum Name Service (ENS) contract recently suffered from a critical bug that prompted a security advisory and a migration to a new contract (CVE-2020-5232). ENS allows users to associate online...
View ArticleContract verification made easier
Smart contract authors can now express security properties in the same language they use to write their code (Solidity) and our new tool, manticore-verifier, will automatically verify those invariants....
View ArticleClik here to view.
MUI: Visualizing symbolic execution with Manticore and Binary Ninja
By Alan Chang, University of Oxford During my summer internship, I had the wonderful opportunity to work on the Manticore User Interface (MUI). The MUI project aims to combine the strength of both...
View ArticleClik here to view.
Maat: Symbolic execution made easy
By Boyan Milanov We have released Maat, a cross-architecture, multi-purpose, and user-friendly symbolic execution framework. It provides common symbolic execution capabilities such as dynamic symbolic...
View ArticleClik here to view.
How I gave ManticoreUI a makeover
By Calvin Fong During my internship at Trail of Bits, I explored the effectiveness of symbolic execution for finding vulnerabilities in native applications ranging from CTF challenges to popular open...
View Article