Language: English
11-21, 14:30–16:30 (Canada/Eastern), Hackfest - Sponsor room (and workshops)
In this workshop, I will cover some advanced fuzzing techniques and tricks for finding bugs in real modern software. I will show you how to improve your fuzzing workflow, using a methodology that can be easily applied to your software projects.
The workshop has a practical orientation so that attendees get a chance to learn by themselves and use their acquired knowledge. The format of the workshop will be a CTF (Capture-the-flag).
I will also show real vulnerabilities that I have found during the last year, as well as how I've used fuzzing to find them. Such bugs will serve as starting point for the rest of the workshop.
The CFT phase will be divided into 3 challenges:
- Challenge 1: a review of the basic concepts
- Challenge 2: focused on Network fuzzing
- Challenge 3: focused on Custom mutators
I will give participants some hints and tips before and during each challenge. After each challenge, I will give participants a possible solution and I will explain it to them. In this way, participants will go through a learning-by-doing process
It's a medium-advanced level workshop, so previously knowledge about fuzzing and bug hunting is required.
WorkShop URL
https://github.com/antonio-morales/Hackfest_Advanced_Fuzzing_Workshop
Telegram Group
If you haven't already joined, it's time to do it: https://t.me/joinchat/CdbD2UVzGlW2j6yQizL5Yw
You will need it to use it to send me your questions & solutions
Prerequisites
- Basic knowledge of fuzzing
- Working knowledge of C programming
- Command-line basics
- Bug hunting experience is desirable
Agenda
I will cover different fuzzing topics, including the following:
- Sanitizers (ASAN, UBSAN, MSAN, etc.)
- Custom coverage and efficient instrumentation
- Dictionaries optimization
- Dealing with checksums, ciphers, and other monsters
- Structure-aware fuzzing & Custom Mutators
- Domain-specific feedback (FuzzFactory)
- Parallel fuzzing and Mutation scheduling
Who should attend?
- Bug hunters who don't make ends meet
- Pentesters tired of using Burp and Nessus
- Developers that want to know more about the dark side
- Anyone wishing to improve their skills of fuzzing or with an interest in how to find vulnerabilities in real software projects.
Technical Requirements
A laptop capable of connecting to the internet
Tools required
Nothing special. A virtual machine image will be provided a few days before the workshop
Level
Medium-advanced
Why this workshop?
I think there are not many free workshops about finding vulnerabilities and fuzzing (almost all out there are expensive paid workshops)
I will also cover some fuzzing topics that are novel (such as Domain-specific feedback and External event monitoring).
Bio
Antonio Morales works as a security researcher at GitHub, whose primary mission is to help improve Open Source project's security. Antonio's interests include fuzzing, code analysis, exploit development and C/C++ security.
Antonio Morales works as a security researcher at GitHub Security Lab, whose primary mission is to help improve Open Source project's security. Antonio's interests include fuzzing, code analysis, exploit development and C/C++ security.
Twitter: @Nosoynadiemas