@joshbressers newer tools have trended towards customization (AFL++, Jackalope for fuzzing, CodeQL for static analysis) because vulnerability research requires knowledge of the code and environment to have effective results.I worry for open source having to deal with a worse version of "my scanner found a thousand uses of strcpy", and having to divert attention from actual security issues.
J
