Overview
Dive into the world of fuzzing with this hands-on workshop designed for non-programmers. Learn to set up a fuzzing environment, use tools like AFL and Honggfuzz, and explore techniques such as instrumentation, input selection, and corpus minimization. Gain practical experience with tcpdump, compile-time instrumentation, and crash analysis. Delivered by experienced researcher Rushikesh D. Nandedkar, this comprehensive session covers everything from basic concepts to advanced techniques, catering to beginners and intermediate learners alike.
Syllabus
Introduction
Solutions Agenda
Motivation Thoughts
fuzzing definition
why fuzzing
fuzzing process
test case generation
fuzzer logic
postmortem debugger
address sanitizer
crash reduction
crash analysis
fuzzing types
compile-time instrumentation
demo time
tcpdump
setting up AFL
gcc
build tcpdump with aflcc
tcpdump commands
tcpdump command
Taught by
nullcon