Catching OpenSSL misuse using CodeQL

By Damien Santiago I’ve created five CodeQL queries that catch potentially potent bugs in the OpenSSL libcrypto API, a widely adopted but often unforgiving API that can be misused to cause memory ...
Summer associates 2023 recap

Internship Projects
This past summer at Trail of Bits was a season of inspiration, innovation, and growth thanks to the incredible contributions of our talented associates, who took on a diverse range of technical ...

A Winter’s Tale: Improving messages and types in GDB’s Python API

By Matheus Branco Borella, University of São Paulo As a winter associate at Trail of Bits, my goal was to make two improvements to the GNU Project Debugger (GDB): make it run ...
Harnessing the eBPF Verifier

By Laura Bauman During my internship at Trail of Bits, I prototyped a harness that improves the testability of the eBPF verifier, simplifying the testing of eBPF programs. My eBPF harness runs ...
Keeping the wolves out of wolfSSL

By Max Ammann Trail of Bits is publicly disclosing four vulnerabilities that affect wolfSSL: CVE-2022-38152, CVE-2022-38153, CVE-2022-39173, and CVE-2022-42905. The four issues, which have CVSS scores ranging from medium to critical, can ...
Look out! Divergent representations are everywhere!

By Andreas Kellas Trail of Bits recently published a blog post about a signed integer overflow in certain versions of SQLite that can enable arbitrary code execution and result in a denial ...
Stranger Strings: An exploitable flaw in SQLite

By Andreas Kellas Trail of Bits is publicly disclosing CVE-2022-35737, which affects applications that use the SQLite library API. CVE-2022-35737 was introduced in SQLite version 1.0.12 (released on October 17, 2000) and ...
Porting the Solana eBPF JIT compiler to ARM64

By Andrew Haberlandt During my summer internship at Trail of Bits, I worked on the fork of the RBPF JIT compiler that is used to execute Solana smart contracts. The RBPF JIT ...
Magnifier: An Experiment with Interactive Decompilation

By Alan Chang Today, we are releasing Magnifier, an experimental reverse engineering user interface I developed during my internship. Magnifier asks, “What if, as an alternative to taking handwritten notes, reverse engineering ...
MUI: Visualizing symbolic execution with Manticore and Binary Ninja

By Alan Chang, University of Oxford During my summer internship, I had the wonderful opportunity to work on the Manticore User Interface (MUI). The MUI project aims to combine the strength of ...