BruCON 0x0A

Fuzzing is a very powerful technique to detect flaws and vulnerabilities in software. The aim of this hands-on workshop is to demonstrate different techniques which can be used to fuzz applications or libraries. Choosing the correct and most effective fuzzing technique will be discussed with real-world examples. Moreover, hints according common problems and pitfalls during fuzzing will be given. After discussing the theories behind modern fuzzing techniques we look at famouse fuzzers and how they can be used to find real-world vulnerabilities. In the second part important areas which influent the fuzzing results are covered. Moreover, we discuss differences between fuzzing open-source and closed-source applications and useful reverse engineering techniques which assist the fuzzing process.