by lqqq 1957 days ago
AFL is not that smart. If you only do bit flips on the inputs, then fuzzing a JavaScript engine/DOM engine will take forever. The "domino" (Mozilla internal tool) looks quite powerful as it generates semantically correct DOM. Sadly, it is not open source. Google has a tool designed specifically to fuzz JavaScript engines, Fuzzilli[1], which hackers have been using for bug hunting.

[1]: https://github.com/googleprojectzero/fuzzilli


I wonder why domino hasn't been released? Is Mozilla selling it to other companies?
Because it often finds security issues in our code: see the graph at the end of the blog post.

If open source, this fuzzer could be used against our users...

AFAIK, Mozilla doesn't sell any software!

Mozilla sells VPN products ;) But no, not these tools.
VPN products are more like a service than selling software.