A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


High Performance Fuzzing - (BSides Knoxville 2015) (Hacking Illustrated Series InfoSec Tutorial Videos)

High Performance Fuzzing

Richard Johnson

BSides Knoxville 2015

Security conference talks related to fuzzing tend to focus on distributed frameworks or new proof-of-concept engines. This talk will take a look at how to get the most performance out of your engine designs and fuzzing cluster for long term deployments. We will discuss topics like fork servers, static binary rewriting, patching Windows kernel to bypass memory limits and more tricks that have yet to be included in fuzzing talks. We have successfully applied these techniques to create a high performance port of AFL that targets binaries as well as speed up previous work on concolic execution and automated test generation. We will also compare effectiveness of various black box fuzzing approaches including model inference and directed fuzzing engines against a new benchmark composed of real-world vulnerabilities. 

Highlights include:
Highest performance coverage and dataflow tracing options
Using bootkits to bypass software memory limits in Windows
RAM disk options on Windows
Harnessing copy-on-write on Windows 
High speed automatic test generation 
Benchmark set of real vulnerabilities for testing fuzzers
Performance of best-in-class fuzzers against benchmarks
Demo of port of AFL for targeting binaries
Demo of fast concolic testing

Back to BSides Knoxville 2015 list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast