<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>internship-projects on The Trail of Bits Blog</title><link>https://miscreants.github.io/blog.trailofbits.com/categories/internship-projects/</link><description>Recent content in internship-projects on The Trail of Bits Blog</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Tue, 18 Nov 2025 00:00:00 -0500</lastBuildDate><atom:link href="https://miscreants.github.io/blog.trailofbits.com/categories/internship-projects/index.xml" rel="self" type="application/rss+xml"/><item><title>We found cryptography bugs in the elliptic library using Wycheproof</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/11/18/we-found-cryptography-bugs-in-the-elliptic-library-using-wycheproof/</link><pubDate>Tue, 18 Nov 2025 07:00:00 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/11/18/we-found-cryptography-bugs-in-the-elliptic-library-using-wycheproof/</guid><description>Trail of Bits discovered and disclosed two vulnerabilities in the widely used elliptic JavaScript library that could allow signature forgery or prevent valid signature verification, with one vulnerability still unfixed after the 90-day disclosure window.</description></item><item><title>Building checksec without boundaries with Checksec Anywhere</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/11/13/building-checksec-without-boundaries-with-checksec-anywhere/</link><pubDate>Thu, 13 Nov 2025 07:00:00 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/11/13/building-checksec-without-boundaries-with-checksec-anywhere/</guid><description>Checksec Anywhere consolidates fragmented binary security analysis tools into a browser-based platform that analyzes ELF, PE, and Mach-O formats locally without compromising privacy or performance.</description></item><item><title>Intern projects 
that outlived the internship</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/08/28/intern-projects-that-outlived-the-internship/</link><pubDate>Thu, 28 Aug 2025 07:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/08/28/intern-projects-that-outlived-the-internship/</guid><description>Our business operations intern at Trail of Bits built two AI-powered tools that became permanent company resources—a podcast workflow that saves 1,250 hours annually and a Slack exporter that enables efficient knowledge retrieval across the organization.</description></item><item><title>“Unstripping” binaries: Restoring debugging information in GDB with Pwndbg</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/09/06/unstripping-binaries-restoring-debugging-information-in-gdb-with-pwndbg/</link><pubDate>Fri, 06 Sep 2024 09:00:21 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/09/06/unstripping-binaries-restoring-debugging-information-in-gdb-with-pwndbg/</guid><description>GDB loses significant functionality when debugging binaries that lack debugging symbols (also known as “stripped binaries”). Function and variable names become meaningless addresses; setting breakpoints requires tracking down relevant function addresses from an external source; and printing out structured values involves staring at a memory dump trying to manually discern field boundaries. […]</description></item><item><title>Using benchmarks to speed up Echidna</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/05/08/using-benchmarks-to-speed-up-echidna/</link><pubDate>Wed, 08 May 2024 09:30:07 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/05/08/using-benchmarks-to-speed-up-echidna/</guid><description>During my time as a Trail of Bits associate last summer, I worked on optimizing the performance of Echidna, Trail of Bits’ open-source smart contract fuzzer, written in Haskell. 
Through extensive use of profilers and other tools, I was able to pinpoint and debug a massive space leak in one of Echidna’s […]</description></item><item><title>Catching OpenSSL misuse using CodeQL</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/12/22/catching-openssl-misuse-using-codeql/</link><pubDate>Fri, 22 Dec 2023 09:00:35 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/12/22/catching-openssl-misuse-using-codeql/</guid><description>I’ve created five CodeQL queries that catch potentially potent bugs in the OpenSSL libcrypto API, a widely adopted but often unforgiving API that can be misused to cause memory leaks, authentication bypasses, and other subtle cryptographic issues in implementations. These queries—which I developed during my internship with my mentors, Fredrik Dahlgren and […]</description></item><item><title>Summer interns 2023 recap</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/12/20/summer-associates-2023-recap/</link><pubDate>Wed, 20 Dec 2023 09:00:13 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/12/20/summer-associates-2023-recap/</guid><description>This past summer at Trail of Bits was a season of inspiration, innovation, and growth thanks to the incredible contributions of our talented interns, who took on a diverse range of technical projects under the mentorship of Trail of Bits engineers. 
We’d like to delve into their accomplishments, from enhancing the efficiency of fuzzing tools […]</description></item><item><title>A Winter’s Tale: Improving messages and types in GDB’s Python API</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/04/18/a-winters-tale-improving-types-and-messages-in-gdbs-python-api/</link><pubDate>Tue, 18 Apr 2023 07:00:43 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/04/18/a-winters-tale-improving-types-and-messages-in-gdbs-python-api/</guid><description>As a winter associate at Trail of Bits, my goal was to make two improvements to the GNU Project Debugger (GDB): make it run faster and improve its Python API to support and improve tools that rely on it, like Pwndbg. The main goal was to run […]</description></item><item><title>Harnessing the eBPF Verifier</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/01/19/ebpf-verifier-harness/</link><pubDate>Thu, 19 Jan 2023 08:00:42 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/01/19/ebpf-verifier-harness/</guid><description>During my internship at Trail of Bits, I prototyped a harness that improves the testability of the eBPF verifier, simplifying the testing of eBPF programs. My eBPF harness runs in user space, independently of any locally running kernel, and thus opens the door to testing of eBPF programs across different kernel versions. […]</description></item><item><title>Keeping the wolves out of wolfSSL</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/</link><pubDate>Thu, 12 Jan 2023 08:00:17 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/</guid><description>Trail of Bits is publicly disclosing four vulnerabilities that affect wolfSSL: CVE-2022-38152, CVE-2022-38153, CVE-2022-39173, and CVE-2022-42905. 
The four issues, which have CVSS scores ranging from medium to critical, can all result in a denial of service (DoS). These vulnerabilities have been discovered automatically using the novel protocol fuzzer tlspuffin. This blog post […]</description></item><item><title>Fast and accurate syntax searching for C and C++</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/12/22/syntax-searching-c-c-clang-ast/</link><pubDate>Thu, 22 Dec 2022 08:00:52 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/12/22/syntax-searching-c-c-clang-ast/</guid><description>The naive approach to searching for patterns in source code is to use regular expressions; a better way is to parse the code with a custom parser, but both of these approaches have limitations. During my internship, I prototyped an internal tool called Syntex that does searching on Clang ASTs to avoid […]</description></item><item><title>Manticore GUIs made easy</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/12/13/manticore-gui-plugin-binary-ninja-ghidra/</link><pubDate>Tue, 13 Dec 2022 08:00:04 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/12/13/manticore-gui-plugin-binary-ninja-ghidra/</guid><description>Trail of Bits maintains Manticore, a symbolic execution engine that can analyze smart contracts and native binaries. While symbolic execution is a powerful technique that can augment the vulnerability discovery process, it requires some base domain knowledge and thus has its own learning curve. Given the plethora […]</description></item><item><title>Look out! 
Divergent representations are everywhere!</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/11/10/divergent-representations-variable-overflows-c-compiler/</link><pubDate>Thu, 10 Nov 2022 07:30:53 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/11/10/divergent-representations-variable-overflows-c-compiler/</guid><description>Trail of Bits recently published a blog post about a signed integer overflow in certain versions of SQLite that can enable arbitrary code execution and result in a denial of service. While working on proof-of-concept exploits for that vulnerability, we noticed that the compiler’s representation of an important integer variable is semantically […]</description></item><item><title>Stranger Strings: An exploitable flaw in SQLite</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/</link><pubDate>Tue, 25 Oct 2022 07:30:10 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/</guid><description>Trail of Bits is publicly disclosing CVE-2022-35737, which affects applications that use the SQLite library API. CVE-2022-35737 was introduced in SQLite version 1.0.12 (released on October 17, 2000) and fixed in release 3.39.2 (released on July 21, 2022). CVE-2022-35737 is exploitable on 64-bit systems, and exploitability depends on how the program is […]</description></item><item><title>Porting the Solana eBPF JIT compiler to ARM64</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/10/12/solana-jit-compiler-ebpf-arm64/</link><pubDate>Wed, 12 Oct 2022 08:00:55 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/10/12/solana-jit-compiler-ebpf-arm64/</guid><description>By Andrew Haberlandt. During my summer internship at Trail of Bits, I worked on the fork of the RBPF JIT compiler that is used to execute Solana smart contracts. 
The RBPF JIT compiler plays a critical role on the Solana blockchain, as it facilitates the execution of contracts on validator nodes by default. Before my […]</description></item><item><title>Working on blockchains as a Trail of Bits intern</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/10/05/trail-of-bits-internship-blockchain-tealer/</link><pubDate>Wed, 05 Oct 2022 09:00:42 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/10/05/trail-of-bits-internship-blockchain-tealer/</guid><description>Earlier this year, I successfully completed my internship at Trail of Bits and secured a full-time position as a Blockchain Security Analyst. This post is not intended to be a technical description of the work I did during my internship. Rather, it is intended to describe my general experience as a […]</description></item><item><title>Magnifier: An Experiment with Interactive Decompilation</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/08/25/magnifier-an-experiment-with-interactive-decompilation/</link><pubDate>Thu, 25 Aug 2022 09:00:30 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/08/25/magnifier-an-experiment-with-interactive-decompilation/</guid><description>Today, we are releasing Magnifier, an experimental reverse engineering user interface I developed during my internship. 
Magnifier asks, “What if, as an alternative to taking handwritten notes, reverse engineering researchers could interactively reshape a decompiled program to reflect what they would normally record?” With Magnifier, the decompiled C code isn’t the end—it’s […]</description></item><item><title>Improving the state of go-fuzz</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/04/26/improving-the-state-of-go-fuzz/</link><pubDate>Tue, 26 Apr 2022 07:00:18 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/04/26/improving-the-state-of-go-fuzz/</guid><description>During my winternship, I used the findings from recent Go audits to make several improvements to go-fuzz, a coverage-based fuzzer for projects written in Go. I focused on three enhancements to improve the effectiveness of Go fuzzing campaigns and provide a better experience for users. I contributed to fixing type alias […]</description></item><item><title>MUI: Visualizing symbolic execution with Manticore and Binary Ninja</title><link>https://miscreants.github.io/blog.trailofbits.com/2021/11/17/mui-visualizing-symbolic-execution-with-manticore-and-binary-ninja/</link><pubDate>Wed, 17 Nov 2021 07:00:55 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2021/11/17/mui-visualizing-symbolic-execution-with-manticore-and-binary-ninja/</guid><description>During my summer internship, I had the wonderful opportunity to work on the Manticore User Interface (MUI). 
The MUI project aims to combine the strength of both Manticore, a powerful symbolic execution library, and Binary Ninja, a popular binary analysis tool, to provide a more intuitive and visual interface […]</description></item><item><title>PrivacyRaven: Implementing a proof of concept for model inversion</title><link>https://miscreants.github.io/blog.trailofbits.com/2021/11/09/privacyraven-implementing-a-proof-of-concept-for-model-inversion/</link><pubDate>Tue, 09 Nov 2021 00:45:55 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2021/11/09/privacyraven-implementing-a-proof-of-concept-for-model-inversion/</guid><description>Originally published August 3, 2021. During my Trail of Bits winternship and springternship, I had the pleasure of working with Suha Hussain and Jim Miller on PrivacyRaven, a Python-based tool for testing deep-learning frameworks against a plethora of privacy attacks. I worked on improving PrivacyRaven’s versatility by adding compatibility for services […]</description></item><item><title>Solar: Context-free, interactive analysis for Solidity</title><link>https://miscreants.github.io/blog.trailofbits.com/2021/04/02/solar-context-free-interactive-analysis-for-solidity/</link><pubDate>Fri, 02 Apr 2021 00:52:39 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2021/04/02/solar-context-free-interactive-analysis-for-solidity/</guid><description>By Aaron Yoo, University of California, Los Angeles. As an intern at Trail of Bits, I worked on Solar, a proof-of-concept static analysis framework. Solar is unique because it enables context-free interactive analysis of Solidity smart contracts. 
A user can direct Solar to explore program paths (e.g., […]</description></item><item><title>Un-bee-lievable Performance: Fast Coverage-guided Fuzzing with Honeybee and Intel Processor Trace</title><link>https://miscreants.github.io/blog.trailofbits.com/2021/03/19/un-bee-lievable-performance-fast-coverage-guided-fuzzing-with-honeybee-and-intel-processor-trace/</link><pubDate>Fri, 19 Mar 2021 10:00:15 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2021/03/19/un-bee-lievable-performance-fast-coverage-guided-fuzzing-with-honeybee-and-intel-processor-trace/</guid><description>Today, we are releasing an experimental coverage-guided fuzzer called Honeybee that records program control flow using Intel Processor Trace (IPT) technology. Previously, IPT has been scrutinized for severe underperformance due to issues with capture systems and inefficient trace analyses. My winter internship focused on working through these challenges to make […]</description></item><item><title>Reverie: An optimized zero-knowledge proof system</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/12/14/reverie-an-optimized-zero-knowledge-proof-system/</link><pubDate>Mon, 14 Dec 2020 07:50:27 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/12/14/reverie-an-optimized-zero-knowledge-proof-system/</guid><description>Zero-knowledge proofs, once a theoretical curiosity, have recently seen widespread deployment in blockchain systems such as Zcash and Monero. However, most blockchain applications of ZK proofs make proof size and performance tradeoffs that are a poor fit for other use-cases. 
In particular, these protocols often require an elaborate trusted setup phase and optimize for proof […]</description></item><item><title>Efficient audits with machine learning and Slither-simil</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/10/23/efficient-audits-with-machine-learning-and-slither-simil/</link><pubDate>Fri, 23 Oct 2020 07:00:51 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/10/23/efficient-audits-with-machine-learning-and-slither-simil/</guid><description>Trail of Bits has manually curated a wealth of data—years of security assessment reports—and now we’re exploring how to use this data to make the smart contract auditing process more efficient with Slither-simil. Based on accumulated knowledge embedded in previous audits, we set out to detect similar vulnerable code snippets […]</description></item><item><title>Let’s build a high-performance fuzzer with GPUs!</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/10/22/lets-build-a-high-performance-fuzzer-with-gpus/</link><pubDate>Thu, 22 Oct 2020 06:00:14 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/10/22/lets-build-a-high-performance-fuzzer-with-gpus/</guid><description>TL;DR: Can we use GPUs to get 10x performance/dollar when fuzzing embedded software in the cloud? Based on our preliminary work, we think the answer is yes! Fuzzing is a software testing technique that supplies programs with many randomized inputs in an attempt to cause unexpected behavior. 
It’s an important, […]</description></item><item><title>Osquery: Using D-Bus to query systemd data</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/10/14/osquery-using-d-bus-to-query-systemd-data/</link><pubDate>Wed, 14 Oct 2020 08:00:17 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/10/14/osquery-using-d-bus-to-query-systemd-data/</guid><description>During my summer internship at Trail of Bits I worked on osquery, the massively popular open-source endpoint monitoring agent used for intrusion detection, threat hunting, operational monitoring, and many other functions. Available for Windows, macOS, Linux, and FreeBSD, osquery exposes an operating system as a high-performance relational database, […]</description></item><item><title>Detecting Iterator Invalidation with CodeQL</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/10/09/detecting-iterator-invalidation-with-codeql/</link><pubDate>Fri, 09 Oct 2020 08:30:22 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/10/09/detecting-iterator-invalidation-with-codeql/</guid><description>Iterator invalidation is a common and subtle class of C++ bugs that often leads to exploitable vulnerabilities. During my Trail of Bits internship this summer, I developed Itergator, a set of CodeQL classes and queries for analyzing and discovering iterator invalidation. 
Results are easily interpretable by an auditor, […]</description></item><item><title>PrivacyRaven Has Left the Nest</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/10/08/privacyraven-has-left-the-nest/</link><pubDate>Thu, 08 Oct 2020 08:00:36 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/10/08/privacyraven-has-left-the-nest/</guid><description>If you work on deep learning systems, check out our new tool, PrivacyRaven—it’s a Python library that equips engineers and researchers with a comprehensive testing suite for simulating privacy attacks on deep learning systems. Because deep learning enables software to perform tasks without explicit programming, it’s become ubiquitous in […]</description></item><item><title>Detecting Bad OpenSSL Usage</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/05/29/detecting-bad-openssl-usage/</link><pubDate>Fri, 29 May 2020 07:50:06 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/05/29/detecting-bad-openssl-usage/</guid><description>OpenSSL is one of the most popular cryptographic libraries out there; even if you aren’t using C/C++, chances are your programming language’s biggest libraries use OpenSSL bindings as well. It’s also notoriously easy to mess up due to the design of its low-level API. Yet many of these mistakes fall into […]</description></item><item><title>Emerging Talent: Winternship 2020 Highlights</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/05/22/emerging-talent-winternship-2020-highlights/</link><pubDate>Fri, 22 May 2020 07:50:14 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/05/22/emerging-talent-winternship-2020-highlights/</guid><description>The Trail of Bits Winternship is our winter internship program where we invite 10-15 students to join us over the winter break for a short project that has a meaningful impact on information security. 
They work remotely with a mentor to create or improve tools that solve a single impactful problem. These paid internships give […]</description></item><item><title>Grace Hopper Celebration (GHC) 2019 Recap</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/29/grace-hopper-celebration-2019/</link><pubDate>Tue, 29 Oct 2019 11:30:14 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/29/grace-hopper-celebration-2019/</guid><description>A few weeks ago I had the inspiring experience of attending the annual Grace Hopper Celebration (GHC), the world’s largest gathering of women in technology. Over four days in Orlando, Florida, GHC hosted a slew of workshops and presentations, plus a massive career fair with over […]</description></item><item><title>Formal Analysis of the CBC Casper Consensus Algorithm with TLA+</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/25/formal-analysis-of-the-cbc-casper-consensus-algorithm-with-tla/</link><pubDate>Fri, 25 Oct 2019 07:00:56 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/25/formal-analysis-of-the-cbc-casper-consensus-algorithm-with-tla/</guid><description>As a summer intern at Trail of Bits, I used the PlusCal and TLA+ formal specification languages to explore Ethereum’s CBC Casper consensus protocol and its Byzantine fault tolerance. 
This work was motivated by the Medium.com article Peer Review: CBC Casper by Muneeb Ali, Jude […]</description></item><item><title>Multi-Party Computation on Machine Learning</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/04/multi-party-computation-on-machine-learning/</link><pubDate>Fri, 04 Oct 2019 10:13:15 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/04/multi-party-computation-on-machine-learning/</guid><description>During my internship this summer, I built a multi-party computation (MPC) tool that implements a 3-party computation protocol for perceptron and support vector machine (SVM) algorithms. MPC enables multiple parties to perform analyses on private datasets without sharing them with each other. I developed a technique that lets three parties obtain the results of machine […]</description></item><item><title>DeepState Now Supports Ensemble Fuzzing</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/09/03/deepstate-now-supports-ensemble-fuzzing/</link><pubDate>Tue, 03 Sep 2019 06:50:44 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/09/03/deepstate-now-supports-ensemble-fuzzing/</guid><description>We are proud to announce the integration of ensemble fuzzing into DeepState, our unit-testing framework powered by fuzzing and symbolic execution. 
Ensemble fuzzing allows testers to execute multiple fuzzers with varying heuristics in a single campaign, while maintaining an architecture for synchronizing generated input seeds across […]</description></item><item><title>Rewriting Functions in Compiled Binaries</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/09/02/rewriting-functions-in-compiled-binaries/</link><pubDate>Mon, 02 Sep 2019 06:50:31 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/09/02/rewriting-functions-in-compiled-binaries/</guid><description>As a summer intern at Trail of Bits, I’ve been working on building Fennec, a tool to automatically replace function calls in compiled binaries that’s built on top of McSema, a binary lifter developed by Trail of Bits. The Problem: Let’s say you have a compiled binary, but you […]</description></item><item><title>Binary symbolic execution with KLEE-Native</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/30/binary-symbolic-execution-with-klee-native/</link><pubDate>Fri, 30 Aug 2019 06:50:08 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/30/binary-symbolic-execution-with-klee-native/</guid><description>KLEE-Native, a fork of KLEE that operates on binary program snapshots by lifting machine code to LLVM bitcode.</description></item><item><title>Reverse Taint Analysis Using Binary Ninja</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/29/reverse-taint-analysis-using-binary-ninja/</link><pubDate>Thu, 29 Aug 2019 06:50:20 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/29/reverse-taint-analysis-using-binary-ninja/</guid><description>We open-sourced a set of static analysis tools, KRFAnalysis, that analyze and triage output from our system call (syscall) fault injection tool KRF. Now you can easily figure out where and why KRF crashes your programs. 
During my summer internship at Trail of Bits, I worked on KRF, […]</description></item><item><title>Wrapper's Delight</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/26/wrappers-delight/</link><pubDate>Mon, 26 Aug 2019 06:50:40 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/26/wrappers-delight/</guid><description>During my summer at Trail of Bits, I took full advantage of the latest C++ language features to build a new SQLite wrapper from scratch that is easy to use, lightweight, highly performant, and concurrency friendly—all in under 750 lines of code.</description></item><item><title>Better Encrypted Group Chat</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/06/better-encrypted-group-chat/</link><pubDate>Tue, 06 Aug 2019 06:50:24 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/06/better-encrypted-group-chat/</guid><description>Broadly, an end-to-end encrypted messaging protocol is one that ensures that only the participants in a conversation, and no intermediate servers, routers, or relay systems, can read and write messages. An end-to-end encrypted group messaging protocol is one that ensures this for all participants in a conversation of three or more people. End-to-end encrypted group […]</description></item><item><title>Creating an LLVM Sanitizer from Hopes and Dreams</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/25/creating-an-llvm-sanitizer-from-hopes-and-dreams/</link><pubDate>Tue, 25 Jun 2019 06:50:21 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/25/creating-an-llvm-sanitizer-from-hopes-and-dreams/</guid><description>Each year, Trail of Bits runs a month-long winter internship aka “winternship” program. This year we were happy to host 4 winterns who contributed to 3 projects. 
This project comes from Carson Harmon, a new graduate from Purdue interested in compilers and systems engineering, and a new full-time member of our research practice. I set […]</description></item><item><title>Performing Concolic Execution on Cryptographic Primitives</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/04/01/performing-concolic-execution-on-cryptographic-primitives/</link><pubDate>Mon, 01 Apr 2019 07:50:55 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/04/01/performing-concolic-execution-on-cryptographic-primitives/</guid><description>For my winternship and springternship at Trail of Bits, I researched novel techniques for symbolic execution on cryptographic protocols. I analyzed various implementation-level bugs in cryptographic libraries, and built a prototype Manticore-based concolic unit testing tool, Sandshrew, that analyzed C cryptographic primitives under a symbolic and concrete environment. Sandshrew is a first step […]</description></item><item><title>Symbolic Path Merging in Manticore</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/01/25/symbolic-path-merging-in-manticore/</link><pubDate>Fri, 25 Jan 2019 07:50:16 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/01/25/symbolic-path-merging-in-manticore/</guid><description>Each year, Trail of Bits runs a month-long winter internship “winternship” program. This year we were happy to host 4 winterns who contributed to 3 projects. This is the first in a series of blog posts covering the 2019 Wintern class. 
Our first report is from Vaibhav Sharma (@vbsharma), a PhD student at the University […]</description></item><item><title>Fault Analysis on RSA Signing</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/08/14/fault-analysis-on-rsa-signing/</link><pubDate>Tue, 14 Aug 2018 12:39:52 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/08/14/fault-analysis-on-rsa-signing/</guid><description>This spring and summer, as an intern at Trail of Bits, I researched modeling fault attacks on RSA signatures. I looked at an optimization of RSA signing that uses the Chinese Remainder Theorem (CRT) and induced calculation faults that reveal private keys. I analyzed fault attacks at a low level rather than in […]</description></item><item><title>Optimizing Lifted Bitcode with Dead Store Elimination</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/07/06/optimizing-lifted-bitcode-with-dead-store-elimination/</link><pubDate>Fri, 06 Jul 2018 07:50:11 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/07/06/optimizing-lifted-bitcode-with-dead-store-elimination/</guid><description>By Tim Alberdingk Thijm. As part of my Springternship at Trail of Bits, I created a series of data-flow-based optimizations that eliminate most “dead” stores that emulate writes to machine code registers in McSema-lifted programs. 
For example, applying my dead-store-elimination (DSE) passes to Apache httpd eliminated 117,059 stores, or 50% of the store operations to Remill’s […]</description></item><item><title>Work For Us: Fall and Winter Internship Opportunities</title><link>https://miscreants.github.io/blog.trailofbits.com/2016/08/09/work-for-us-fall-and-winter-internship-opportunities/</link><pubDate>Tue, 09 Aug 2016 07:50:59 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2016/08/09/work-for-us-fall-and-winter-internship-opportunities/</guid><description>If you’re studying in a degree program, and you thrive at the intersection of software development and cyber security, you should apply to our fall or winter internship programs. It’s a great way to add paid experience, and a publication, to your resume, and get a taste of what it’s like to work in a commercial […]</description></item><item><title>Summer @ Trail of Bits</title><link>https://miscreants.github.io/blog.trailofbits.com/2015/09/10/summer-trail-of-bits/</link><pubDate>Thu, 10 Sep 2015 07:50:45 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2015/09/10/summer-trail-of-bits/</guid><description>This summer I’ve had the incredible opportunity to work with Trail of Bits as a high school intern. In return, I am obligated to write a blog post about this internship. So without further ado, here it is. Starting with Fuzzing: The summer kicked off with fuzzing, a technique I had heard of but had […]</description></item></channel></rss>