Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Fuzz Everything, Everywhere, All at Once - Advanced QEMU-Based Fuzzing

media.ccc.de via YouTube

Overview

Explore advanced QEMU-based fuzzing techniques in this 41-minute conference talk from the 37th Chaos Communication Congress (37C3). Dive into the AFLplusplus open-source project's innovative approaches to fuzzing binary-only targets. Learn how to leverage AFL++ and QEMU for discovering command and SQL injections, expanding beyond traditional memory corruption detection. Discover a scalable method for fuzzing binary-only code using LibAFL and QEMU, with a focus on testing Android libraries without physical devices. Gain insights into QEMU-based instrumentation engines, high-performance cross-architecture fuzzing, and target instrumentation. Witness a demonstration of injection vulnerability detection in binaries using AFL++. Explore LibAFL QEMU's convenient APIs for target hooking with Rust, and understand how to build custom fuzzers that scale efficiently across multiple cores and machines for faster vulnerability discovery.

Syllabus

37C3 - Fuzz Everything, Everywhere, All at Once

Taught by

media.ccc.de

Reviews

Start your review of Fuzz Everything, Everywhere, All at Once - Advanced QEMU-Based Fuzzing

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.