FUZZING
8 articles tagged "fuzzing"
Why Invariant Testing Matters for DeFi Security
Unit tests check what you think of. Invariant tests check what you don't. Here's why every DeFi protocol needs invariant testing and how it has saved millions in real engagements.
How We Found Real Vulnerabilities with Fuzzing
A technical deep-dive into real vulnerabilities we've found through fuzzing, from critical accounting bugs to subtle rounding exploits. Includes the properties that caught them.
Property Design Patterns for DeFi Lending Protocols
A practical catalog of invariant property patterns for lending protocols — from solvency and utilization bounds to liquidation health checks — with Solidity code for each.
Echidna vs Medusa: A Practical Comparison for Security Researchers
A hands-on comparison of Echidna and Medusa for smart contract fuzzing. We cover performance, configuration, corpus management, and when to choose each tool.
5 Smart Contract Vulnerabilities That Unit Tests Will Never Catch
Unit tests check what you expect. But the most dangerous vulnerabilities hide in the unexpected — cross-function reentrancy, rounding accumulation, and more. Here are five categories unit tests will never catch.
How to Set Up Continuous Security Testing with CI/CD and Fuzzing
Stop treating security as a one-time audit. Learn how to integrate Chimera-based fuzzing into your CI/CD pipeline with GitHub Actions so every pull request gets fuzzed automatically.
Stateful Fuzzing Explained: Why Sequence Matters in Smart Contract Testing
Most smart contract bugs only manifest after a specific sequence of transactions. Stateful fuzzing explores these sequences automatically — here is how it works and why it matters.
From Zero to Fuzzing: A Beginner's Guide to the Chimera Framework
A hands-on beginner tutorial for the Chimera framework. Go from an empty project to running invariant tests with Foundry, Echidna, and Medusa — no prior fuzzing experience required.