<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Matt Schwager on The Trail of Bits Blog</title><link>https://miscreants.github.io/blog.trailofbits.com/authors/matt-schwager/</link><description>Recent content in Matt Schwager on The Trail of Bits Blog</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Thu, 11 Dec 2025 00:00:00 -0500</lastBuildDate><atom:link href="https://miscreants.github.io/blog.trailofbits.com/authors/matt-schwager/index.xml" rel="self" type="application/rss+xml"/><item><title>Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/12/11/introducing-mrva-a-terminal-first-approach-to-codeql-multi-repo-variant-analysis/</link><pubDate>Thu, 11 Dec 2025 07:00:00 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/12/11/introducing-mrva-a-terminal-first-approach-to-codeql-multi-repo-variant-analysis/</guid><description>Our new tool mrva is a terminal-first tool for running CodeQL multi-repository variant analysis locally, allowing users to download pre-built databases, analyze them with custom queries, and view results directly in the terminal.</description></item><item><title>Marshal madness: A brief history of Ruby deserialization exploits</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/08/20/marshal-madness-a-brief-history-of-ruby-deserialization-exploits/</link><pubDate>Tue, 19 Aug 2025 07:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/08/20/marshal-madness-a-brief-history-of-ruby-deserialization-exploits/</guid><description>This post traces the decade-long evolution of Ruby Marshal deserialization exploits, demonstrating how security researchers have repeatedly bypassed patches and why fundamental changes to the Ruby ecosystem are needed rather than continued 
patch-and-hope approaches.</description></item><item><title>35 more Semgrep rules: infrastructure, supply chain, and Ruby</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/12/09/35-more-semgrep-rules-infrastructure-supply-chain-and-ruby/</link><pubDate>Mon, 09 Dec 2024 09:00:43 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/12/09/35-more-semgrep-rules-infrastructure-supply-chain-and-ruby/</guid><description>We are publishing another set of custom Semgrep rules, bringing our total number of public rules to 115. This blog post will briefly cover the new rules, then explore two Semgrep features in depth: regex mode (especially how it compares against generic mode), and HCL language support for technologies […]</description></item><item><title>Introducing Ruzzy, a coverage-guided Ruby fuzzer</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/03/29/introducing-ruzzy-a-coverage-guided-ruby-fuzzer/</link><pubDate>Fri, 29 Mar 2024 09:30:44 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/03/29/introducing-ruzzy-a-coverage-guided-ruby-fuzzer/</guid><description>Trail of Bits is excited to introduce Ruzzy, a coverage-guided fuzzer for pure Ruby code and Ruby C extensions. Fuzzing helps find bugs in software that processes untrusted input. In pure Ruby, these bugs may result in unexpected exceptions that could lead to denial of service, and in Ruby C extensions, they […]</description></item><item><title>Continuously fuzzing Python C extensions</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/02/23/continuously-fuzzing-python-c-extensions/</link><pubDate>Fri, 23 Feb 2024 09:30:03 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/02/23/continuously-fuzzing-python-c-extensions/</guid><description>Deserializing, decoding, and processing untrusted input are telltale signs that your project would benefit from fuzzing. Yes, even Python projects. 
Fuzzing helps reduce bugs in high-assurance software developed in all programming languages. Fortunately for the Python ecosystem, Google has released Atheris, a coverage-guided fuzzer for both pure Python code and Python C […]</description></item><item><title>30 new Semgrep rules: Ansible, Java, Kotlin, shell scripts, and more</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/01/17/30-new-semgrep-rules-ansible-java-kotlin-shell-scripts-and-more/</link><pubDate>Wed, 17 Jan 2024 08:30:32 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/01/17/30-new-semgrep-rules-ansible-java-kotlin-shell-scripts-and-more/</guid><description>We are publishing a set of 30 custom Semgrep rules for Ansible playbooks, Java/Kotlin code, shell scripts, and Docker Compose configuration files. These rules were created and used to audit for common security vulnerabilities in the listed technologies. This new release of our Semgrep rules joins our public CodeQL […]</description></item></channel></rss>