{"id":2536,"date":"2020-12-08T22:05:51","date_gmt":"2020-12-08T20:05:51","guid":{"rendered":"https:\/\/archive.brucon.org\/2023\/?page_id=2536"},"modified":"2022-12-28T13:30:19","modified_gmt":"2022-12-28T11:30:19","slug":"deep-dive-into-fuzzing","status":"publish","type":"page","link":"https:\/\/archive.brucon.org\/2023\/brucon-2023-training\/deep-dive-into-fuzzing\/","title":{"rendered":"Deep Dive into Fuzzing"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column][vc_column_text]<\/p>\n<h2>Course Description<\/h2>\n<p>Fuzzing is a technique for identifying software vulnerabilities by automated corpus generation. It has produced immense results and attracted a lot of attention from security researchers and professionals in the industry. Today, fuzzing can be used in various ways and incorporated into your secure SDLC to discover vulnerabilities in advance and fix them.<\/p>\n<p>Finding vulnerabilities in software requires in-depth knowledge of different technology stacks. Modern software has a huge codebase and may contain vulnerabilities. Manually verifying such vulnerabilities is a tedious task and may not be possible in all cases. This training introduces the concept of fuzzing and vulnerability discovery in software, covering multiple platforms such as Linux &amp; Windows, and triage analysis for those vulnerabilities.<\/p>\n<p>During this training, attendees will emulate techniques that provide a comprehensive understanding of &#8220;Crash, Detect &amp; Triage&#8221; of fuzzed binaries or software. 
In &#8220;Deep dive into fuzzing&#8221; we will cover a detailed overview of fuzzing and how it can help professionals uncover security vulnerabilities, with a hands-on approach focused on labs.<\/p>\n<h3>Key Takeaways<\/h3>\n<ul>\n<li>Effective ways of fuzzing<\/li>\n<li>Understanding the different classes of vulnerabilities<\/li>\n<li>Key fundamentals of fuzzing and how it works<\/li>\n<li>Creating your own grammar for fuzzing<\/li>\n<li>Implementing persistence for complex programs<\/li>\n<li>Utilizing QEMU for binary-only fuzzing<\/li>\n<li>Introduction to ARM and fuzzing ARM binaries<\/li>\n<li>Getting started with fuzzing Windows binaries<\/li>\n<li>Tons of exercises focusing on real-world software<\/li>\n<li>CTC \u2013 Capture the crash on a custom application<\/li>\n<\/ul>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2>Course contents<\/h2>\n<div class=\"gmail_default\">\n<h3 class=\"gmail_default\"><b>Day 1<\/b><\/h3>\n<ul>\n<li>Understanding fuzzing fundamentals<\/li>\n<li>AFL Internals<\/li>\n<li>Setting up the environment<\/li>\n<li>Selecting fuzzing targets<\/li>\n<li>Spinning up the fuzzer effectively<\/li>\n<li>Corpus generation<\/li>\n<li>Address\/Memory Sanitizers<\/li>\n<li>Hooking custom mutators<\/li>\n<li>\u201cNot so pro tips\u201d while fuzzing<\/li>\n<li>Parallel fuzzing<\/li>\n<li>Improving code coverage with grammar<\/li>\n<li>Plotting difference in code coverage<\/li>\n<li>Enhancing your fuzzing approach<\/li>\n<li>Symbolic execution fuzzing<\/li>\n<\/ul>\n<h3 class=\"gmail_default\"><b>Day 2<\/b><\/h3>\n<ul>\n<li>Setting up persistent mode<\/li>\n<li>Introduction to QEMU<\/li>\n<li>AFL internals for QEMU<\/li>\n<li>Targeting blackbox binaries<\/li>\n<li>Introduction to ARM<\/li>\n<li>Cross-platform architecture fuzzing<\/li>\n<li>Setting up QEMU persistent<\/li>\n<li>Introduction to network fuzzing<\/li>\n<li>WinAFL Internals<\/li>\n<li>Analyzing your target 
with debuggers<\/li>\n<li>Improving code coverage<\/li>\n<li>Fuzzing browser engines and SSL libraries<\/li>\n<li>Overview of different fuzzing frameworks<\/li>\n<li>Integrating Slack with fuzzing stats<\/li>\n<li>Capture the crash<\/li>\n<\/ul>\n<\/div>\n<p>[\/vc_column_text][\/vc_column][vc_column][vc_column_text]<\/p>\n<h2>Who should take this course?<\/h2>\n<p>The training is aimed at individuals &amp; professionals who wish to learn the fundamentals of fuzzing: security engineers, penetration testers, and blue or red teamers.[\/vc_column_text][vc_column_text]<\/p>\n<h2>Students will be provided<\/h2>\n<ul>\n<li>Walkthrough of lab exercises.<\/li>\n<li>A dedicated server with custom OS (Windows &amp; Linux) for one month, which can be used for fuzzing.<\/li>\n<li>Local lab setup (OVA of Ubuntu and Windows) loaded with all the course exercises and material including solutions.<\/li>\n<li>A private dedicated channel where trainers will be available to answer your queries after the training.<\/li>\n<\/ul>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2>Requirements<\/h2>\n<ul>\n<li>Basic understanding of Linux &amp; Windows fundamentals.<\/li>\n<li>Understanding of basic programming concepts, familiarity with C\/C++ and common data types.<\/li>\n<\/ul>\n<h4>What students should bring<\/h4>\n<ul>\n<li>Attendees are required to have a system with root\/admin privileges, a minimum of 8 GB RAM and 100 GB disk space, and VirtualBox or VMware installed.<\/li>\n<\/ul>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;5\/6&#8243;][vc_column_text]<\/p>\n<h2>Trainer Biography<\/h2>\n<p><strong>Dhiraj Mishra<\/strong> is an active speaker and open-source contributor who has discovered multiple zero-days in modern web browsers. He is a trainer at Blackhat and BruCON, and has presented at conferences such as Ekoparty, NorthSec, Hacktivity, PHDays &amp; HITB. 
In his free time, he blogs at <a href=\"http:\/\/www.inputzero.io\" target=\"_blank\" rel=\"noopener\">www.inputzero.io<\/a> and tweets as <a href=\"https:\/\/twitter.com\/RandomDhiraj\" target=\"_blank\" rel=\"noopener\">@RandomDhiraj<\/a>.<\/p>\n<p>Twitter: <a href=\"https:\/\/twitter.com\/RandomDhiraj\" target=\"_blank\" rel=\"noopener noreferrer\">@RandomDhiraj<\/a><\/p>\n<p>Blog: <a href=\"https:\/\/www.inputzero.io\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.inputzero.io<\/a>[\/vc_column_text][\/vc_column][vc_column width=&#8221;1\/6&#8243; css=&#8221;.vc_custom_1597411551164{padding-top: 50% !important;}&#8221;][vc_single_image image=&#8221;2606&#8243;][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;1\/6&#8243;][vc_single_image image=&#8221;2607&#8243;][\/vc_column][vc_column width=&#8221;5\/6&#8243;][vc_column_text]<strong>Zubin Devnani<\/strong> is a red teamer by trade who has identified multiple vulnerabilities in commonly used software. He is a trainer at Blackhat, BruCON and OWASP and has delivered multiple workshops, including at PHDays and Hacktivity. He uses his fuzzing skills in his day-to-day trade to identify new ways of breaking into enterprises! 
He blogs at <a href=\"https:\/\/devtty0.io\" target=\"_blank\" rel=\"noopener\">devtty0.io<\/a> and tweets as <a href=\"https:\/\/twitter.com\/p1ngfl0yd\" target=\"_blank\" rel=\"noopener\">@p1ngfl0yd<\/a>.<\/p>\n<p>Twitter: <a href=\"https:\/\/twitter.com\/p1ngfl0yd\" target=\"_blank\" rel=\"noopener noreferrer\">@p1ngfl0yd<\/a><\/p>\n<p>Blog: <a href=\"https:\/\/devtty0.io\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/devtty0.io.<\/a>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<style type=\"text\/css\">.thegem-button-6a3108d9d05995773 .gem-button svg {fill: #ffffff;}.thegem-button-6a3108d9d05995773 .gem-button:hover svg {fill: #ffffff;}<\/style><div class=\"gem-button-container gem-button-position-fullwidth thegem-button-6a3108d9d05995773    \"  ><a class=\"gem-button gem-button-size-giant gem-button-style-flat gem-button-text-weight-normal\" data-ll-effect=\"drop-right-without-wrap\" style=\"border-radius: 3px;background-color: #b43836;color: #ffffff;\" onmouseleave=\"this.style.backgroundColor='#b43836';this.style.color='#ffffff';\" onmouseenter=\"this.style.backgroundColor='#ef5047';this.style.color='#ffffff';\" href=\"https:\/\/brucon-0x0f-spring-training.eventbrite.co.uk\" target=\"_self\">Buy Training Ticket<\/a><\/div> [\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space][\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>[vc_row][vc_column][vc_column_text] Course Description Fuzzing is a technique of identifying software vulnerabilities by automated corpus generation. It has produced immense results and attracted a lot of visibility from security researchers and professionals in the industry, today fuzzing can be utilized in various ways which can be incorporated into your secure SDLC to discover vulnerabilities in advance and fix them. Finding vulnerabilities in software requires in-depth knowledge of different technology stacks. 
Modern day software\u2019s have a huge&#8230;<\/p>\n","protected":false},"author":8,"featured_media":0,"parent":75,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-2536","page","type-page","status-publish"],"_links":{"self":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/pages\/2536","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/comments?post=2536"}],"version-history":[{"count":15,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/pages\/2536\/revisions"}],"predecessor-version":[{"id":3346,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/pages\/2536\/revisions\/3346"}],"up":[{"embeddable":true,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/pages\/75"}],"wp:attachment":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/media?parent=2536"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}