Date: Wed, 31 Oct 2018 15:04:15 -0400 From: Wes Turner <wes.turner@...il.com> To: Carter Cheng <cartercheng@...il.com> Cc: "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com> Subject: Re: Empirically testing the effectiveness of kernel hardening patches https://en.wikipedia.org/wiki/Fuzzing https://github.com/secfigo/Awesome-Fuzzing https://github.com/kernelslacker/trinity https://github.com/google/syzkaller/#external-articles https://github.com/google/syzkaller/blob/master/docs/syzbot.md > syzbot system continuously fuzzes main Linux kernel branches and automatically reports found bugs to kernel mailing lists https://github.com/oracle/kernel-fuzzing I just found these, so IDK Does Kali include virtualization such as KVM and fuzzing / dynamic analysis / static analysis tools and a CI pipeline that can execute on_commit to new git branches? On Wednesday, October 31, 2018, Carter Cheng <cartercheng@...il.com> wrote: > Hi, > > Is there some sort of standard testbed for testing the effectivenss of a > kernel hardening patch to see how effective it is against current malware? > How does one go about this? > > I assume when it comes to hardening the kernel the main target is certain > forms of privilege escalation. Is it possible to use Kali linux for this > purpose? > > Thanks in advance, > > Carter. > Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.