Overview
Explore a novel approach to fuzzing that enables deterministic discovery of race condition bugs in this 41-minute Black Hat conference talk. Learn how this technique allows researchers to unearth and root-cause serious concurrency issues while keeping the process enjoyable. Discover the challenges security and development teams face in finding concurrency bugs, and understand why coverage-guided fuzzing alone is often insufficient for reliably detecting deep concurrency problems. Gain insights into the growing category of race-condition-based vulnerabilities reported to vendors and observed in real-world exploits. Presented by Ned Williamson, this talk offers valuable information for both offensive and defensive security professionals seeking to improve their ability to identify and address these critical vulnerabilities.
Syllabus
Catch Me If You Can: Deterministic Discovery of Race Conditions with Fuzzing
Taught by
Black Hat