Fuzzing Rust crate library using honggfuzz-rs fuzzer (ical-rs) - Rust Security #2

preview_player
Показать описание

In this second Rust fuzzing course, I will use the famous honggfuzz fuzzer to find bugs inside the ical rust crate library. I will first identify some interesting methods to fuzz and then write some fuzzing targets. Finally, I’ll run the fuzzer and analyze one of the bug triggered.

#Rust #Fuzzing #Honggfuzz

0:00 Intro
01:10 Honggfuzz-rs presentation
01:55 Today's target (ical-rs)
04:27 Find some interesting methods to fuzz
06:19 Writing honggfuzz-rs targets
08:44 Run the fuzzer
12:21 Analyze the crash and find the bug
15:18 Improve your fuzzing (look at iCAL and vCard format, add new fuzzing inputs, create dict)

==== 🔥 Rust Security Audit and Fuzzing Training ====

==== 🦄 Join the community ====

==== 📡 Socials ====

Keyword: Rust, Rustlang, Fuzzing, Fuzz Testing, Honggfuzz, honggfuzz-rs
  1. FuzzingLabs
  2. honggfuzz-rs
  3. fuzzing rust
  4. cargofuzz
  5. cargo-fuzz
  6. cargo fuzz
Рекомендации по теме
Fuzzing Rust crate 0:18:34

Fuzzing Rust crate library using honggfuzz-rs fuzzer (ical-rs) - Rust Security #2

Rust Security #1: 0:12:29

Rust Security #1: How to Find Bugs in popular Rust library using Fuzzing (cargo-fuzz / libFuzzer)

Rust fuzzing using 0:15:28

Rust fuzzing using cargo-libafl (LibAFL-based fuzzer) - Rust Security #4

Learn How to 0:11:19

Learn How to Fuzz Your Rust Code in 10 Minutes

Write better Rust 0:13:49

Write better Rust fuzzing harnesses and find more BUGS - Rust Security #3

Setting up CI 2:46:41

Setting up CI and property testing for a Rust crate

Rust Fuzzing and 0:02:24

Rust Fuzzing and Crash Analysis - Training description (Day 2)

Rust Fuzzing: Live 1:28:53

Rust Fuzzing: Live Coding (Short version)

Fuzzing Java code 0:22:04

Fuzzing Java code (JSoup) using Jazzer fuzzer - Java Security

'Advanced Testing in 0:41:27

'Advanced Testing in Rust' - Tobin Harding (Everything Open 2023)

[Fuzzing with honggfuzz] 0:16:40

[Fuzzing with honggfuzz] How to Fuzz with HonggFuzz and use Pwntools

Decrusting the quickcheck 1:31:34

Decrusting the quickcheck crate

[Fuzzing with honggfuzz] 0:12:46

[Fuzzing with honggfuzz] How to fuzz tcpdump with honggfuzz

Soroban Fuzz Testing 0:57:35

Soroban Fuzz Testing w/ Brian Anderson | Developer Workshop | 11/1/2023

Adrian Manning - 0:20:40

Adrian Manning - Fun with Fuzzing

Rust Library Overview 0:21:19

Rust Library Overview - IOTA Stronghold

LibAFL: The Advanced 0:26:56

LibAFL: The Advanced Fuzzing Library - Andrea Fioraldi & Dominik Maier @FuzzCon Europe 2021

RustConf 2021 - 0:15:15

RustConf 2021 - Supercharging Your Code With Five Little-Known Attributes by Jackson Lewis

#PLTalk: Fuzzing with 1:02:13

#PLTalk: Fuzzing with John Regehr

Building Safe and 0:44:56

Building Safe and Secure Systems in Rust. Mingshen Sun

Benchmark testing your 0:04:59

Benchmark testing your Rust code

RustConf 2021 - 0:09:53

RustConf 2021 - Writing the Fastest GBDT Library in Rust by Isabella Tromba

FUZZ{0X41}LL The Things 0:29:00

FUZZ{0X41}LL The Things

Bonus Lecture: Fuzz 0:42:14

Bonus Lecture: Fuzz testing

Комментарии
Автор

One week ago I discover this channel and I think watch everything twice, thank you :D

adohalim
Автор

Is this unwarp was crash as you Said? Is it exploitable? Somehow?

selimeneskaraduman
welcome to shbcf.ru