1 views collected around this technical thread.
The article explains Facebook’s autonomous integration testing infrastructure, detailing how it abstracts services, employs fuzzing, mock services, and record‑and‑playback techniques to enable scalable, isolated testing of backend microservices while minimizing friction and ensuring reliable software delivery.
The paper presents ODDFuzz, a structure‑aware directed greybox fuzzing framework that combines lightweight static taint analysis with targeted fuzzing to efficiently discover previously unknown Java deserialization (ODD) vulnerabilities, achieving higher recall and precision than existing tools and uncovering six new CVE‑rated bugs in popular Java frameworks.
The containerd project completed a comprehensive fuzzing audit that added 28 fuzzers, uncovered a critical OCI image import vulnerability (CVE‑2023‑25153), and demonstrated the robustness of its codebase while highlighting the importance of fuzz testing for cloud‑native runtime security.
This paper presents a reinforcement‑learning‑based fuzzer (RLF) that generates transaction sequences likely to trigger smart‑contract vulnerabilities, combining vulnerability‑driven and coverage‑driven rewards to improve detection efficiency and outperform existing state‑of‑the‑art tools.
Exploring Go 1.18, the article walks readers through its three flagship additions—generics, fuzzing, and workspaces—detailing installation, underlying implementation concepts, practical code examples, and how each feature enhances type safety, automated testing, and multi‑module dependency management for modern backend development.
The article explains how Facebook built a stable, abstracted integration‑testing infrastructure for backend services, combining automated testing, fuzzing, record‑and‑playback, and isolation techniques to enable rapid prototyping while avoiding side effects and improving bug detection.
This article presents a white‑box, unit‑test‑driven approach for automatically generating C/C++ test cases that detect and recall runtime stability issues, detailing problem analysis, solution design, code‑analysis, test‑data generation, code generation, failure analysis, and deployment results across large‑scale backend modules.
This article presents a comprehensive approach to automatically generate unit tests for C/C++ backend services, leveraging static code analysis, white‑box techniques, and fuzzing to create high‑coverage test cases that proactively detect stability issues without manual effort.
JD Security researchers attended the BRUCON conference to unveil a new fuzz‑testing operation that extends AFL with custom instrumentation, enabling faster testing across multiple CPU architectures and overcoming the limitations of existing fuzzers for closed‑source and non‑x86 systems.