PACSEC 2021 DOJO

Fuzzing Source-Code and Binary-only Targets like a Pro

Instructor: Marc “van Hauser” Heuse

Course Synopsis

This authoritative course from one of the maintainers of one of the performance-leading fuzzing tools, AFL++, will walk you through the maze of options, toolsets, and tradeoffs in building good, time-efficient fuzzing campaigns. For modern fault location it can take a blend of tools, fuzzers, and techniques to get the best utilization of your fuzzing hardware resources - and Marc, who has been testing and trying them all for years, can save you many a misstep by showing you what not to worry about, as well as what’s important.

Marc will walk you through the whole fuzzing campaign process, relating his experience and saving you tremendous amounts of time and research needed to optimally set up targets, instrument them, and choose the right tools to utilize - so that you can most efficiently and thoroughly analyze your targets, and optimize the number of results you get from your fuzzing tool mix, as well as the quality of those results. His course is a complete and thorough walk through the large array of tools in the fuzzer space - a mix that constantly changes. Marc can keep you at the leading edge of that constantly moving target of fuzzing state of the art.

He starts out from the beginning, by covering the choices available in instrumenting your target, and then walks you through the kinds of attributes and choices you can make to set up your fuzzing tool mix depending on your target code/system properties/attributes. His course will show you the strengths and weaknesses of the whole spectrum of fuzzing tools - and teach you where each one is most efficiently applied, as well as where they are weakest.

He covers how to operationally maximize code coverage during fuzzing for many different kinds of code, and also saves you a tremendous amount of learning curve in selecting, then setting up the individual utilities, parameters, configurations and interfaces, by going straight to the configuration options that matter most and documenting best practices from his extensive experience - as well as saving you setup time by providing pre-constructed tool containers for the most popular and powerful tools for the lab exercises and later use - saving you weeks of dependency frustration, build hassles, and trial and error. This lets you rapidly get to your actual objective - fuzzing your target and identifying crashes, and more importantly, exploitable crashes. Marc’s course takes you through the whole fuzzing process completely end to end with practical exercises as well as explanations, all the way to actionable, exploitable vulnerabilities.

The hands-on labs let you bring in your own fuzzing target, which you can test and optimize in the labs with the benefit of counseling and coaching from Marc’s many years of encyclopedic fuzzing technology knowledge, to make sure you get immediate value from this training for your current research objective.

This course is a valuable use of time, and the small class size provides plenty of opportunity for one-on-one consulting and coaching from an industry luminary. It is an essential course for any infosec professional currently using, or looking to use, fuzzers, and it’s the fastest way to power up your fuzzer capabilities to world-class level.

Marc “van Hauser” Heuse

Marc “van Hauser” Heuse started his security research in 1993, even before finishing school. He is well known for being the founder of the security research group The Hacker’s Choice (www.thc.org) and for his security tools like hydra, thc-ipv6, THC-SCAN, SuSEfirewall and many others. In his career he was team leader and manager at KPMG and n.runs, and for over 10 years he has been working as an independent security researcher, focusing on automotive penetration testing and other embedded platforms. Currently he is using binary instrumentation and fuzzing for his automotive security projects and research, and is the co-author of the blackbox feedback fuzzing tool afl-dyninst and the afl follow-up project afl++.

Course Schedule

The next scheduling of this dojo has yet to be decided.

Course Abstract

This training teaches how to effectively fuzz source-code and binary-only targets on Linux with afl++, libfuzzer and honggfuzz in effective fuzzing campaigns.

Course Pre-requisites

Students must have good experience with Linux, be comfortable coding in C/C++ and with basic debugging, and know how to use Docker.

Course Learning Objectives

The goal of this class is to teach software security fuzzing (black box, grey box, white box) for finding security vulnerabilities.

The focus platform is Linux x86_64 - however Linux ARM/ARM64/MIPS, macOS, *BSD, and Windows will be handled as well.

We will cover (supported with many exercises):

  • Learn to fuzz with the best fuzzers: afl++, libfuzzer, honggfuzz

  • My source code does not compile with clang/llvm - now what?

  • Instrumenting source code targets for fuzzing

  • How to create effective fuzzing harnesses

  • What is the fuzzer covering, what is uncovered - and what is impossible to reach for the fuzzer? Plus solutions.

  • How to fuzz binary-only targets by dynamic instrumentation, emulation and rewriting

  • How to fuzz structured inputs with libprotobuf

  • How to fuzz targets that process inputs that have a grammar

  • How to write custom mutators

  • When to write your own fuzzer

  • How to set up an effective fuzzing campaign - single and multi-machine with 16-256 cores, including system configuration and use of sanitizers

  • Which supporting fuzzers to combine in the fuzzing campaign, such as symcc, aflsmart, etc., and how to integrate them

  • How to monitor and manage a fuzzing campaign

  • Triaging crashes - deduplication, minimization and bruteforcing interesting crashes

  • How to integrate fuzzing in a CI

  • How to fuzz complex targets by partial instrumentation, mocking and disabling features, etc.

Students are highly encouraged to bring their own fuzzing projects to the class - be it your own fuzzer or a complex fuzzing target that you are struggling with.

Course Agenda

  • Day 1 - Introduction to Fuzzing, fuzzing with afl++, triaging crashes

  • Day 2 - Fuzzing with libfuzzer and honggfuzz, creating fuzzing harnesses

  • Day 3 - Strategies for fuzzing binary-only targets, Emulating and Rewriting binaries

  • Day 4 - Fuzzing grammars and structures, CI integration, running successful fuzzing campaigns ... plus any open questions

Hardware Requirements

It is highly recommended to have 16 GB of RAM and 50 GB of free disk space.

Software Requirements

Students must have access to a Linux installation (VM or native, root privileges, Kali Linux, Debian or Ubuntu highly recommended) with Docker installed.
