Explore the fundamentals of fuzzing with American Fuzzy Lop (AFL) in this 51-minute conference talk from CircleCityCon 2017. Delve into traditional closing logic, understand the problem at hand, and learn about program monitoring and execution. Discover how to run AFL and analyze TCP dumps, while also addressing limitations in closed-source applications. Examine various applications, including Google and Windows implementations, and explore instrumented and processor trace techniques. Gain insights into manual fuzzing, Driller, and Blinker methodologies. Discuss open problems in the field and understand the importance of fuzzing in cybersecurity. Access additional resources and code examples on GitHub to further enhance your fuzzing skills.
Overview
Syllabus
Intro
Who is Adam
Rules of Engagement
Traditional Closing Logic
The Problem
The Program
Monitoring Execution
Running AFL
TCP Dump
Closed Source
Limitations
Applications
Google
Windows
Instrumented
Processor Trace
Manual Fuzzing
Driller
Blinker
Open problem
Why bother
GitHub
Related Courses
-
Fuzzing Embedded - Trusted Operating Systems Using AFL
-
Fuzzing with AFL
-
AFL's Blindspot and How to Resist AFL Fuzzing for Arbitrary ELF Binaries
-
AFL-Unicorn - Fuzzing the 'Unfuzzable'
-
When Virtualization Encounters AFL - A Portable Virtual Device Fuzzing Framework with AFL
-
Go Speed Tracer - Guided Fuzzing
