Gabriel Sherman

Ph.D. Student, University of Utah | Computer Security

About Me

I’m a security-focused Ph.D. researcher specializing in automated vulnerability discovery, fuzz testing, and large-scale tooling for secure systems. I’m particularly interested in expanding the scope and scale of software testing across an increasingly complex software ecosystem. Some of the bugs I’ve found can be found here.

Publications

  1. No Harness, No Problem: Oracle-guided Harnessing for Auto-generating C API Fuzzing Harnesses
    • Gabriel Sherman and Stefan Nagy
    • International Conference on Software Engineering (ICSE ‘25)

Invited Talks & Articles

Title Event Date
Building checksec without boundaries with Checksec Anywhere The Trail of Bits Blog 11/2025
Introduction to Fuzzing University of Utah Cybersecurity Club 03/2025
Automated Bug Finding Kahlert School of Computing 09/2024
Automatic Harness Generation for C-based Libraries Empite Hacking NYC 08/2024
Automated Harness Generation Mountain West Undergraduate Research Showcase 11/2023

  • Harnessing 101: A Beginner's Guide to Fuzzing Harnesses

     By Gabriel Sherman

    Posted on September 17, 2025

    As a newcomer to the computer security world working on my first paper, No Harness, No Problem: Oracle-guided Harnessing for Auto-generating C API Fuzzing Harnesses, I inevitably spent countless hours studying, building, and running fuzzing harnesses. This guide aims to answer the questions and issues I struggled with early on,... [Read More]
    Tags: