YoVDO

Fuzz Everything, Everywhere, All at Once - Advanced QEMU-Based Fuzzing

Offered By: media.ccc.de via YouTube

Tags

Fuzzing Courses SQL Injection Courses Command Injection Courses Android Security Courses QEMU Courses Binary Analysis Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore advanced QEMU-based fuzzing techniques in this 41-minute conference talk from the 37th Chaos Communication Congress (37C3). Dive into the AFLplusplus open-source project's innovative approaches to fuzzing binary-only targets. Learn how to leverage AFL++ and QEMU for discovering command and SQL injections, expanding beyond traditional memory corruption detection. Discover a scalable method for fuzzing binary-only code using LibAFL and QEMU, with a focus on testing Android libraries without physical devices. Gain insights into QEMU-based instrumentation engines, high-performance cross-architecture fuzzing, and target instrumentation. Witness a demonstration of injection vulnerability detection in binaries using AFL++. Explore LibAFL QEMU's convenient APIs for target hooking with Rust, and understand how to build custom fuzzers that scale efficiently across multiple cores and machines for faster vulnerability discovery.

Syllabus

37C3 - Fuzz Everything, Everywhere, All at Once


Taught by

media.ccc.de

Related Courses

Threat Hunting with Yara
Pluralsight
Reverse Engineering 3201: Symbolic Analysis
OpenSecurityTraining2 via Independent
Firing Rounds at the Analysis Shooting Gallery - CSAW'16 Security Workshop
New York University (NYU) via YouTube
angr: Binary Analysis Framework - Demonstration and Analysis
New York University (NYU) via YouTube
Debin: Predicting Debug Information in Stripped Binaries
Association for Computing Machinery (ACM) via YouTube