! -- Fonction pour lancer Google Analytics --> <! -- End of Fonction pour lancer Google Analytics -->
Fuzzing as a methodology has been an area of interest for generations of security researchers…
Fuzzing as a methodology has been an area of interest for generations of security researchers, and has proved to be a very effective way to find vulnerabilities. It is today broadly used in various initiatives like OSS-Fuzz or syzbot to help open-source projects detect bugs early on. Things are more tedious when auditing close source binaries. However, they represent very interesting targets, widely found in all major operating systems and where fewer eyes often means more bugs. Good news is: combining public research, projects and homemade tools, we can achieve smart and efficient fuzzing on them.
This training aims to provide the student the concepts, methods and tools to deal with any real-life software. Through the use of LIEF, QBDI and Triton, we will explain how one can achieve fast, smart and efficient fuzzing on closed-source targets.