Null offensive hacking hands-on training.
Proposed sessions for this event:
- Introduction to Fuzzing with AFL by Dhiraj Mishra
- Introduction to Fuzzing with AFL by Dhiraj Mishra
An introduction to fuzzing, we will discuss and understand all parts to a successful fuzzing and why it’s needed, understanding various fuzzer’s and setting up the environment. The prime focus of the session is to understand the various fuzzing approaches, we may not go-ahead more into exploitation part.
We will move ahead and start with AFL, understating the installation part. Also, we will quickly have a look at AFL key components which is, process timing, stages, findings, yields, path geometry, and stability. We have created certain vulnerable binaries from which we will demonstrate overflows using AFL and analyzing the targets, crashes and hangs which gets generated by AFL. After that, we will move ahead and start with smart fuzzing where we will integrate ASAN with AFL, but before that, we will give a brief understanding about ASAN and MSAN and how it is used to detect the runtime bugs during the compilation of a binary. Aside we will discuss HTTP protocol fuzzing using various techniques.
In end, we will give a small exercise (CTF) to students to make there hands dirty on what they have learned so far and clear their doubts. We will quickly wrap-up our workshop by discussing how they can leverage this knowledge against the bug bounty programs and then showcasing multiple bugs which we found during my research.
Pre-requisites:
* Laptop with at least 8 GB RAM
* Administrator access on your laptop
* Your laptops should support virtualization software
* VirtualBox, VMPlayer or VMWorkstation has to be pre-installed
RSVP & Questionnaire are mandatory for everyone registering for this event (BOTH ARE COMPULSORY)
https://null.co.in/events/626-dubai-introduction-to-fuzzing-with-afl
https://forms.gle/k7SQdUyZcCXZxmtH8
Failing to the above will automatically disqualify your nomination for this event.
Last date of registration: 20-AUG-2019 23:59.
Note:
* This is an invite-only event and the workshop champions & chapter leads reserve the rights to shortlist the participant.
* If shortlisted, you would receive email from Organizers and you should confirm your attendance.
* If you are shortlisted and don't turn up for the workshop, you will automatically not be eligible to attend next 2-3 future workshops.
* Not-shortlisted folks, please dont turn up for event.
Date | Friday August 30 2019 |
---|---|
Chapter | Dubai |
Registrations | 28 |
Max Registrations | Unlimited |
Event Type | Invite Only |
Start Time | 10:00 AM |
End Time | 04:00 PM |
Session Schedule
Name | Speaker | Start Time | End Time | Resources |
---|---|---|---|---|
Introduction to Fuzzing with AFL | Dhiraj Mishra | 10:00 AM | 12:30 PM | |
Prayer and Lunch Break | 12:30 PM | 01:45 PM | ||
Introduction to Fuzzing with AFL | Dhiraj Mishra | 01:45 PM | 04:00 PM |