When Fuzzers Miss: The no Hanging Fruit.

Presented at DerbyCon 1.0 (2011), Oct. 1, 2011, 1 p.m. (50 minutes).

Fuzzing is a process of automating the vulnerability discovery process but with all automation there are areas that can be missed. This presentation will try to bring light to some of these instances in memory corruption and show some methods behind discovering the vulnerable code in appliation when fuzzers miss.


Presenters:

  • Tony Huffman (Myne-us)
    Tony works as a vulnerability research engineer for Tenable Network Security, Host for the Securabit podcast and member of the Securabit Exploit Group (SEG). Tony focuses much of his research on memory corruptions, exploit development and reverse engineering.

Similar Presentations: