“Good enough” emulation: Fuzzing a single thread to uncover vulnerabilities

A Cisco Talos researcher worked around the limitations of hardware-level Code Read-out Protection RDP on the Socomec DIRIS M-70 gateway by pivoting from physical debugging to a "good enough" emulation approach. By focusing on emulating only the single thread responsible for Modbus protocol handli...

blogpost_qiling_dlink_1

It is an offensive tool for exploiting vulnerabilities in software. The repository contains a Python script that exploits a vulnerability in a software product. The script is designed to be used by a penetration tester or a security researcher to test the security of the software. The script uses...