Super hero Rust fuzzing

Summary: A guide to finding flaws, 0days and bugs in your Rust code using fuzzing, with code samples. This article shows you how to fuzz Rust code with afl, honggfuzz and libfuzzer. Rust is a beautiful language, but that doesn't mean you can't break things by poking at them. Rust kryptonite: Rust is a memory safe language, but safety can also be disabled and unsafe code can be created by using the “unsafe” keyword.
Read more…

What to do when your website gets hacked?

Your website is your online business, one of the first interactions your customers will get from you, your virtual brand awareness and, for a lot of people, their bread and butter. Much like owning a house, investing in security is a great thing! You want to be able to have fences that bounce off intruders in cyberspace. After spending years in the IT Security sector we could see
Read more…

Building Vulnerability Explorer

Building our Vulnerability Explorer: We wanted to make a love child between a blockchain block explorer and our API, in order to demonstrate the true power of our API :) We have been using Bitcoin for a couple of years now, and the true power of a block explorer in order to view transactions with a fancy interface is also pretty nice. The result is live and can be viewed at:
Read more…

Firo Solutions comes to Slack

We are live on Slack: A year ago we created a Slack bot, but we were never happy with it. So we spent some time in the workshop and created a new one, as a very lightweight version of our web interface. We also have an IRC bot, but people can make whatever bot they want with our API. The API is really becoming better and better and happily runs vulns.
Read more…

Updates to our Rust Cargo.toml Scanner

New fresh rusty updates: So we wanted to make a command line version of rust.firosolutions.com for quickly being able to check and validate current crate (library) versions in the Cargo.toml file. So when building a Rust project we could simply validate the external crate(s) versions. Because running with = “*”, where the version is set to just get the latest version, is dangerous and will mostly break things in the future, luckily we could
Read more…

Rust Cargo.toml Scanner

Rust.firosolutions.com Cargo.toml scanner: Rust.firosolutions.com is an online analyzer for Rust programming Cargo.toml files. It will analyze your Cargo.toml and find bad versions and vulnerabilities that affect you, and by importing it to watchers.firosolutions.com it will notify you by email. We have analyzed some public Cargo.toml’s we found on GitHub and an interesting one is that the popular online game was using an out of date version of the Rust
Read more…

WordPress and Joomla Scanner

We are live with a new WordPress scanner! We are finally live with our one-click “scan a site and import it to watchers.firosolutions.com” scanner! WordPress and Joomla security is rough and we want to make it easy for everyone. Making WordPress secure is a pain in the ass, so let's make it easy. A feature we get asked for a lot is one that just is “enter a domain name
Read more…

Security Headlines Podcast release

Our new podcast Security Headlines is live live live: Security Headlines is a podcast about the latest security vulnerabilities within the cyber security field. So if you're interested in the latest security holes, no matter if you are a tech-savvy penetration tester, a DevOps person, a programmer or just generally interested in the latest technology security news, Security Headlines is here for you! We wanted to create a new objective cyber security podcast about the latest vulnerabilities
Read more…

Lightning Release

Our lightning release is now live! Summary: We have released a new release that is improving the speed in our vulnerability management web interface a lot, as well as removing duplicate vulnerabilities and focusing more on quality. You can check it out yourself at: Watchers.firosolutions.com. New features: Faster web interface. We are happy to go live with the new blazing fast lightning release which is making our system better and
Read more…

We love Rust

We are proud to express our love to Rust that keeps the vulns rolling in. Summary: What we do is parse security vulnerabilities and match them against user profiles. In order to cover the majority of platforms and software we need to dig through a ton of vulnerabilities. We do everything from parsing large XML blobs from operating systems to writing custom spiders that gather the data, and the list goes on.
Read more…