Event-based Fuzzing, Patch-based Research, and Comment Police: Finding Bugs Through a Bug

preview_player
Показать описание
Learning from known vulnerabilities is a must for every security researcher, and subscribing to the major vendors' monthly public bulletins and security patch updates is the first thing security researchers do at the beginning of each month.The value of an enlightening security vulnerability is not only to reveal significant attack surfaces and exploit scenarios but also to inspire deeper digging as an important input to bug hunting. From a period of work on security vulnerability analysis and tracking, we have concluded several approaches to finding bugs over bugs, which apply to both mature products security research and efficient finding vulnerabilities of customized products. Through such patterns, we have developed a targeted fuzzer and written specific CodeQL/Weggli rules, and we found plenty of security vulnerabilities in Chrome and Android devices...

By: Qingyu Li , Huinian Yang

Full Abstract and Presentation Materials:
  1. Black Hat
Рекомендации по теме
Event-based Fuzzing, Patch-based 0:28:59

Event-based Fuzzing, Patch-based Research, and Comment Police: Finding Bugs Through a Bug

About Directed Fuzzing 0:30:48

About Directed Fuzzing and Use-After-Free: How to Find Complex & Silent Bugs?

No Hat 2023 0:36:10

No Hat 2023 - Richard Johnson - Fuzzing: The Age of Vulnerability Discovery

REcon 2014 Fuzzing 1:12:08

REcon 2014 Fuzzing and Patch Analysis SAGEly Advice (Richard Johnson)

NSC #2 - 1:08:11

NSC #2 - Richard Johnson - 'Fuzzing and patch analysis SAGEly advice'

Fuzzing and Exploiting 0:39:13

Fuzzing and Exploiting Virtual Channels in Microsoft Remote Desktop Protocol for Fun and Profit

How Automated Vulnerability 0:44:41

How Automated Vulnerability Analysis Discovered Hundreds of Android 0-days

hAFL1: Our Journey 0:36:23

hAFL1: Our Journey of Fuzzing Hyper-V and Discovering a 0-Day

Dawid Czarnecki: Build 0:41:22

Dawid Czarnecki: Build a Fuzzing Framework with IAST | CONFidence 2023

OffensiveCon22 - Tamas 0:52:54

OffensiveCon22 - Tamas K Lengyel and Bálint Varga-Perke - Case Studies of Fuzzing with Xen

Stagefright: Scary Code 0:56:05

Stagefright: Scary Code in the Heart of Android

Why you should 0:24:08

Why you should be using automated fuzzing to test for security issues in your code

SelectFuzz: Efficient Directed 0:14:01

SelectFuzz: Efficient Directed Fuzzing with Selective Path Exploration

The State of 0:29:20

The State of eBPF Fuzzing - CHAIGNON, Paul

Modern Fuzzing of 0:25:10

Modern Fuzzing of Media-processing projects Keeping media processing secure and stable

Automatic Discovery of 0:44:59

Automatic Discovery of Evasion Vulnerabilities Using Targeted Protocol Fuzzing

DS3 Panel on 1:30:32

DS3 Panel on Fuzzing

How Fuzzing with 0:14:42

How Fuzzing with AFL works! | Ep. 02

Binary level Directed 0:20:48

Binary level Directed Fuzzing for Use After Free Vulnerabilities

A bug hunter's 0:47:10

A bug hunter's reflections on fuzzing

LPC2018 - Zinc: 0:48:50

LPC2018 - Zinc: Minimal Light-weight Kernel Cryptography API

Find bugs faster 0:51:53

Find bugs faster with fuzzing by Alper Basaran

Aleksandar Nikolic – 0:39:07

Aleksandar Nikolic – Guided Fuzzing And Binary Blobs

Optimized Fuzzing IOKit 0:33:44

Optimized Fuzzing IOKit In iOS