A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Symbolically executing a fuzzy tyrant - Lojikil GrrCON 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

Symbolically executing a fuzzy tyrant
Lojikil
GrrCON 2019

Code reviewers and penetration testers are familiar with the normal dynamic and static application security tools (DAST|SAST). These tools can provide varying levels of coverage with varying levels of false/true positives. However, there are other classes of tools that can provide deeper understanding and more vulnerabilities in the same amount of time as traditional tools. This talk covers two such classes: (smart) fuzzers and symbolic execution. As a practicum, it is focused on every-day scenarios that normal security analysts face, rather than theoretical attacks in an academic setting. The author?s current setup is provided as an example.

Back to GrrCON 2019 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast