Getting Started with Fuzzing for Bug Discovery

Wednesday, 15 Feb 2023 11:00AM SST (15 Feb 2023 03:00 UTC)
Speakers: Stephen Sims, James Shewmaker

A lot of offensive security professionals have experience weaponizing simple vulnerabilities, but may not have worked much with bug discovery. Join Jim Shewmaker and Stephen Sims as they talk through fuzzing concepts and methodology, and then jump into a demonstration on setting up a modern fuzzing harness. What should you fuzz for? What types of fuzzing is there? How do you know if a bug is weaponizable? We’ll aim to answer these questions and more in this one hour session.

Watch the Japanese recording here.

題名：バグ発見のための最新のファジング技術

概要：

Red Teamなどで働く攻撃技術の専門家の方であっても、既知の脆弱性を利用して侵入を行った経験はあるものの、自身で脆弱性の発見に取り組んだことのある方はそれほど多くありません。Jim ShewmakerとStephen Simsはファジングのコンセプトと具体的な手法について解説し、最新のファジング技術のデモを行います。何をファジングするべきか、どのような種類があるのか、どのようにそのバグを悪用するのかなどの質問を1時間のセッションでカバーしていきます。

Login to Register

Related Content

Cyber Defense, Digital Forensics, Incident Response & Threat Hunting, Industrial Control Systems Security, Penetration Testing and Red Teaming

January 29, 2024

A Visual Summary of SANS CTI Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS CTI Summit 2024

Offensive Operations, Pen Testing, and Red Teaming, Open-Source Intelligence (OSINT), Penetration Testing and Red Teaming

November 16, 2023

A Visual Summary of SANS HackFest Summit

Check out these graphic recordings created in real-time throughout the event for SANS HackFest Summit 2023

Digital Forensics, Incident Response & Threat Hunting, Penetration Testing and Red Teaming

A Visual Summary of SANS Ransomware Summit 2023

Check out these graphic recordings created in real-time throughout the event for SANS Ransomware Summit 2023