Spawn a dynamic debugger from your application like ipdb.set_trace() / binding.pry, but in Rust.

A deck building tower defense game written in Rust.

An AFL style feedback fuzzer, that uses grammars to find more bugs. Written in Rust and published at NDSS 2019

A binary fuzzer that automatically solves magic Bytes and checksums during fuzzing. Published at NDSS 2019.

Uses program synthesis to deobfuscate VM instruction handlers used by obfuscators such as VMProtect and Themida. Published at USENIX Security 2017.

An AFL style feedback fuzzer, that uses Intel-PT to trace operating systems without access to sourcecode. Published at USENIX Security 2017

A very efficient data structure to query ranges for Rust. Useful to implement analysis passes on memory/code/firmware dumps.

Sample from discrete distributions in O(1). Very useful when building randomized generators and fuzzer in Rust.