Fuzzing with AFL

Discover the power of fuzzing with AFL in this comprehensive 45-minute conference talk. Learn how to effectively test applications by throwing various inputs at them to uncover potential crashes. Gain insights into getting started with AFL, explore optimization techniques, and address common challenges encountered during the fuzzing process. Follow along as the speaker demonstrates practical examples, discusses code and path coverage, and introduces different fuzzing approaches including mutational, grammar, and feedback-based fuzzers. Explore the AFL trophy case of vulnerabilities, learn about installation and compilation processes, and understand the importance of test corpus selection. Dive into optimization strategies for execution speed, LLVM instrumentation, and persistent mode. By the end of this talk, acquire the knowledge and tools necessary to begin fuzzing your own code with AFL and improve your application's security.

Intro
Inspiration
Code coverage vs path coverage
Basic fuzzing
Mutational fuzzer
Grammar fuzzer
Feedback-based fuzzers
AFL trophy case - vulnerabilities
Installing AFL
LLVM: Fuzzing non-x86
Workflow
Get some hardware
Compile the binary
Compile time environment variables
Find a test corpus
Run the fuzzer
Triage the findings
Profit
Goals
Optimization: Execution speed
Optimization: LLVM - Deferred instrumentation
Optimization: LLVM - Persistent mode
Optimization: libdislocator.so
Optimization: Dictionaries
Resources
Summary