Last year, in “Taint Nobody Got Time for Crash Analysis”, we presented implementations of analyses performed on taint traces that included a tool to help determine input leading to a crash and an exploitability evaluation tool based on symbolic execution. This year we will expand on these topics with a study of our efforts towards improving the effectiveness of binary differential analysis (bindiff) and replicating Microsoft Research’s work on the “Scalable, Automated, Guided Execution” (SAGE) fuzzer.