Trail of Bits Blog

Menu

Skip to content
  • Home

Category Archives: CodeQL

Look out! Divergent representations are everywhere! November 10, 2022
Finding unhandled errors using CodeQL January 11, 2022
Detecting Iterator Invalidation with CodeQL October 9, 2020

Post navigation

About Us

Since 2012, Trail of Bits has helped secure some of the world’s most targeted organizations and products. We combine high-­end security research with a real­ world attacker mentality to reduce risk and fortify code.

Read more at www.trailofbits.com

Subscribe via RSS

RSS feed RSS - Posts

Recent Posts

  • Trusted publishing: a new benchmark for packaging security
  • Real World Crypto 2023 Recap
  • Introducing Windows Notification Facility’s (WNF) Code Integrity
  • What should governments consider when getting involved with blockchain?
  • Typos that omit security features and how to test for them
  • A Winter’s Tale: Improving messages and types in GDB’s Python API
  • How to avoid the aCropalypse
  • Codex (and GPT-4) can’t beat humans on smart contract audits
  • Circomspect has more passes!
  • We need a new way to measure AI security
  • Reusable properties for Ethereum contracts
  • Escaping well-configured VSCode extensions (for profit)
  • Escaping misconfigured VSCode extensions
  • Readline crime: exploiting a SUID logic bug
  • cURL audit: How a joke led to significant findings

Yearly Archive

  • 2020
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013
  • 2012

Categories

  • Apple (13)
  • Attacks (11)
  • Audits (6)
  • Authentication (5)
  • Binary Ninja (14)
  • Blockchain (54)
  • Capture the Flag (11)
  • Careers (2)
  • CodeQL (3)
  • Compilers (24)
  • Conferences (29)
  • Containers (2)
  • Cryptography (43)
  • Crytic (4)
  • Cyber Grand Challenge (7)
  • DARPA (21)
  • Dynamic Analysis (12)
  • Ecosystem Security (1)
  • Education (16)
  • Empire Hacking (7)
  • Engineering Practice (15)
  • Events (7)
  • Exploits (29)
  • Fuzzing (32)
  • Go (4)
  • Guides (12)
  • Internship Projects (34)
  • iVerify (4)
  • Kubernetes (2)
  • Linux (2)
  • Machine Learning (8)
  • Malware (7)
  • Manticore (17)
  • McSema (11)
  • Meta (12)
  • Mitigations (10)
  • osquery (22)
  • Paper Review (11)
  • People (1)
  • Podcast (1)
  • Press Release (28)
  • Privacy (9)
  • Products (7)
  • Program Analysis (17)
  • Recruitment (1)
  • Remote Work (1)
  • Research Practice (21)
  • Reversing (14)
  • Rust (4)
  • SafeDocs (1)
  • Sinter (1)
  • Slither (3)
  • Sponsorships (12)
  • Static Analysis (28)
  • Symbolic Execution (18)
  • Training (2)
  • Uncategorized (27)
  • Windows (1)
  • Working at Trail of Bits (2)
  • Year in Review (5)
  • Zero Knowledge (10)
My Tweets
 

Loading Comments...