Hackfest 2020

Your locale preferences have been saved. We like to think that we have excellent support for English in pretalx, but if you encounter issues or errors, please contact us!

Advanced fuzzing workshop
11-21, 14:30–16:30 (Canada/Eastern), Hackfest - Sponsor room (and workshops)
Language: English

In this workshop, I will cover some advanced fuzzing techniques and tricks for finding bugs in real modern software. I will show you how to improve your fuzzing workflow, using a methodology that can be easily applied to your software projects.

The workshop has a practical orientation so that attendees get a chance to learn by themselves and use their acquired knowledge. The format of the workshop will be a CTF (Capture-the-flag).

I will also show real vulnerabilities that I have found during the last year, as well as how I've used fuzzing to find them. Such bugs will serve as starting point for the rest of the workshop.

The CFT phase will be divided into 3 challenges:

  • Challenge 1: a review of the basic concepts
  • Challenge 2: focused on Network fuzzing
  • Challenge 3: focused on Custom mutators

I will give participants some hints and tips before and during each challenge. After each challenge, I will give participants a possible solution and I will explain it to them. In this way, participants will go through a learning-by-doing process

It's a medium-advanced level workshop, so previously knowledge about fuzzing and bug hunting is required.


WorkShop URL

https://github.com/antonio-morales/Hackfest_Advanced_Fuzzing_Workshop

Telegram Group

If you haven't already joined, it's time to do it: https://t.me/joinchat/CdbD2UVzGlW2j6yQizL5Yw

You will need it to use it to send me your questions & solutions

Prerequisites

  • Basic knowledge of fuzzing
  • Working knowledge of C programming
  • Command-line basics
  • Bug hunting experience is desirable

Agenda

I will cover different fuzzing topics, including the following:

  • Sanitizers (ASAN, UBSAN, MSAN, etc.)
  • Custom coverage and efficient instrumentation
  • Dictionaries optimization
  • Dealing with checksums, ciphers, and other monsters
  • Structure-aware fuzzing & Custom Mutators
  • Domain-specific feedback (FuzzFactory)
  • Parallel fuzzing and Mutation scheduling

Who should attend?

  • Bug hunters who don't make ends meet
  • Pentesters tired of using Burp and Nessus
  • Developers that want to know more about the dark side
  • Anyone wishing to improve their skills of fuzzing or with an interest in how to find vulnerabilities in real software projects.

Technical Requirements

A laptop capable of connecting to the internet

Tools required

Nothing special. A virtual machine image will be provided a few days before the workshop

Level

Medium-advanced

Why this workshop?

I think there are not many free workshops about finding vulnerabilities and fuzzing (almost all out there are expensive paid workshops)
I will also cover some fuzzing topics that are novel (such as Domain-specific feedback and External event monitoring).

Bio

Antonio Morales works as a security researcher at GitHub, whose primary mission is to help improve Open Source project's security. Antonio's interests include fuzzing, code analysis, exploit development and C/C++ security.


Are you releasing a tool? – no

Antonio Morales works as a security researcher at GitHub Security Lab, whose primary mission is to help improve Open Source project's security. Antonio's interests include fuzzing, code analysis, exploit development and C/C++ security.

Twitter: @Nosoynadiemas