• Goa 2020
  • AMMO
  • FuzzCube

FuzzCube

Anto-Joseph

Tool Name:

FuzzCube

Speaker:

Anto Joseph

Download Link:

https://github.com/antojoseph



Abstract:

Fuzzing over the ages has improved in tooling, logic, and process, but is still a number-crunching problem! You are improving your odds by throwing more CPU power at it. How do we make it happen without hacking through custom solutions that cannot be reused? This got me thinking: “Enter FuzzCube - Batteries Included! “ FuzzCube comes with State Sharing Features, Mutation Engines and Crash Verification tools that you could leverage in your projects. It leverages Kubernetes for its infrastructure orchestration capabilities. Using Kubernetes operators, we abstract the complexity of deploying a fuzzing infrastructure with distributed high throughput workloads, fault tolerance, storage orchestration, and high scalability. We will practise distributed fuzzing in the era of Cloud Native Computing and use our new skills to find some 0days ;)

Bio:

Anto Joseph is a Security Engineer for Tinder. He loves security research in Machine Learning Systems & Application Security. Previously, he has worked at Intel, Citrix, and E&Y in multiple information security roles. He is passionate about exploring new ideas in these areas and has been a speaker/ trainer at various security conferences including BH USA, Defcon, BruCon, HackInParis, HITB Amsterdam, HackLu, Hacktivity, PHdays, X33fCon, Shakacon NullCon, c0c0n and more. He is an active contributor to many open-source projects and some of his work is available at https://github.com/antojoseph.

Copyright © 2019-20 | Nullcon India | International Security Conference | All Rights Reserved