SemFuzz: A Semantics-Aware Fuzzing Framework for Network Protocol Implementations
Network protocols are the foundation of modern communication, yet their implementations often contain semantic vulnerabilities stemming from inadequate understanding of specification semantics. Existing gray-box and black-box testing approaches lack semantic modeling of protocols, making it...
CVE-Factory: Scaling Expert-Level Agentic Tasks for Code Security Vulnerability
CVE-Factory is a Multi-Agent system for fully automated, end-to-end CVE reproduction. Given CVE records, the system automatically researches details, generates test cases, builds Docker environments, and validates that each vulnerability can be both exploited and patched. The pipeline transforms...
LLM-Based Dynamic Differential Testing for Database Connectors with Reinforcement Learning-Guided Prompt Selection
Database connectors are critical components enabling applications to interact with underlying database management systems (DBMS), yet their security vulnerabilities often remain overlooked. Unlike traditional software defects, connector vulnerabilities exhibit subtle behavioral patterns and are...
Security and Privacy Assurance Research: SPARTA Framework
Security and Privacy Assurance Research. Developed as part of MIT Lincoln Laboratory's test and evaluation role in the SPAR (Security and Privacy Assurance Research) program, the SPARTA (SPAR Testing and Assessment) framework is a set of software applications used to evaluate the functionality and...
Dharma - A generation-based, context-free grammar fuzzer
A generation-based, context-free grammar fuzzer. Requirements: none. Examples: generate a single test case: `% ./dharma.py -grammars grammars/webcrypto.dg`. Generate a single test case with multiple grammars: `% ./dharma.py -grammars grammars/canvas2d.dg grammars/mediarecorder.dg`. Generating test cases a...