Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

ProFuzzer - On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery

IEEE via YouTube

Overview

Explore an innovative fuzzing technique called ProFuzzer in this 19-minute IEEE conference talk. Learn about on-the-fly probing that automatically recovers and understands critical input fields during the fuzzing process, enhancing zero-day vulnerability discovery. Discover how ProFuzzer intelligently adapts mutation strategies without prior knowledge of input specifications, linking related bytes and identifying field types to prune the search space. Examine the application-agnostic probe types and compare ProFuzzer's performance against popular fuzzers like AFL, AFLFast, VUzzer, Driller, and QSYM. Gain insights into ProFuzzer's impressive results, including the discovery of 42 zero-days in 10 intensively tested programs and the generation of 30 CVEs within two months.

Syllabus

ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery

Taught by

IEEE Symposium on Security and Privacy

Reviews

Start your review of ProFuzzer - On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.