The slide deck containing all slides from the conferences.
Read more about fuzzing in my last blog post “Hack the Hacker – Fuzzing Mimikatz On Windows With WinAFL & Heatmaps (0day)”
CTF Challenge “Chat” (SECCON CTF – Try to find the vulnerabilities)
AFL Fuzzing workflow with FFMPEG as example
Short demonstration of LibFuzzer
Fuzzing Mimikatz with WinAFL and Taint Analysis
Using breakpoints to extract coverage information. Example with Adobe Reader.
Demonstration of DynamoRio DrCov to get coverage information from Adobe Reader.
How to detect when a PDF finished loading
Demonstration on finding the start and end address of the target function which should be fuzzed in-memory (Example with HashCalc).
In-memory fuzzing of HashCalc with WinAppDbg (750 exec / sec)
In-memory fuzzing of HashCalc with DynamoRio (170 000 exec / sec)
Fuzzing interactive applications with a self written fuzzer to discover deep bugs (which are not found per default by AFL)
Enabling GFlags and Application Verifier on Windows to identify vulnerabilities in mimikatz.
This research was done by René Freingruber (@ReneFreingruber) on behalf of SEC Consult Vulnerability Lab.