The "crash" course, a non-programmer's guide to fuzzing
By : Rushikesh D. Nandedkar
Date: 20 Aug 2021
Time: 04:00 p.m.
Abstract of the Workshop:
This is two hours, completely hands-on workshop, purposely built to help non-programmers to get into fuzzing.
The motive is to share what I was able to learn so far about fuzzing, with the audience to make the learning simple of otherwise cryptic looking (science || art)? of fuzzing. The intended audience is a beginner to intermediate level.
The session will be delivered considering the following aspects:
- Preparation and setting up a fuzzing environment.
- The use of afl at various stages.
- The use of Honggfuzz at various stages.
- Instrumentation, input selection, corpus minimization.
Honestly, the list of content is endless and will be highly dependent on the interest of the audience.
The motive is to deliver more.
Rushikesh D. Nandedkar
Rushikesh is a researcher. Having more than 10 years of experience under his belt, his assignments have always been pointed towards reducing the state of insecurity for information. His research papers were accepted at the nullcon '14 '18 '20, BruCON '16 '17 '18 '19 '21, Blackhat USA Arsenal '18 '19, DEFCON 24 26 27, x33fcon '17 '18 '20 '21, BSides Delhi '17 '20, c0c0n '17, HITCON '14, NCACNS '13 + co-author of “DARWIN”(use cases for covert wireless), “DECEPTICON,” an intelligent evil-twin and "SASTRI," Plug and Play VM for SAST. Being an avid CTF player, for him, solace is messing up with packets, frames, and shellcodes while attempting to reach the state of void *.