Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CACfEFw-QKzgmfZsM28niy-scVgRJ3EgaincorrVmnmXTnSy3MA@mail.gmail.com>
Date: Wed, 31 Oct 2018 15:04:15 -0400
From: Wes Turner <wes.turner@...il.com>
To: Carter Cheng <cartercheng@...il.com>
Cc: "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: Empirically testing the effectiveness of kernel hardening patches

https://en.wikipedia.org/wiki/Fuzzing

https://github.com/secfigo/Awesome-Fuzzing

https://github.com/kernelslacker/trinity

https://github.com/google/syzkaller/#external-articles

https://github.com/google/syzkaller/blob/master/docs/syzbot.md

> syzbot system continuously fuzzes main Linux kernel branches and
automatically reports found bugs to kernel mailing lists

https://github.com/oracle/kernel-fuzzing

I just found these, so IDK

Does Kali include virtualization  such as KVM and fuzzing / dynamic
analysis / static analysis tools and a CI pipeline that can execute
on_commit to new git branches?

On Wednesday, October 31, 2018, Carter Cheng <cartercheng@...il.com> wrote:

> Hi,
>
> Is there some sort of standard testbed for testing the effectivenss of a
> kernel hardening patch to see how effective it is against current malware?
> How does one go about this?
>
> I assume when it comes to hardening the kernel the main target is certain
> forms of privilege escalation. Is it possible to use Kali linux for this
> purpose?
>
> Thanks in advance,
>
> Carter.
>

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.