Richard Johnson

Richard Johnson is a computer security specialist with a focus on software vulnerability analysis. Currently Senior Principal Security Researcher at Trellix and Chief Research Officer of Fuzzing IO, Richard offers over 20 years of professional expertise and leadership in the information security industry. Current responsibilities include zeroday vulnerability research and development of advanced fuzzing and automated reverse engineering solutions. Prior to Trellix, he led the security research efforts and built bug hunting teams for Oracle Cloud and Cisco Talos. Richard has delivered training and presented annually at top-tier industry conferences worldwide for over 15 years and has been a speaker and trainer at several leading events including Black Hat, Defcon, Hack in the Box, RECON, and OffensiveCon. Richard was co-founder of the Uninformed Journal and has been on program committees for USENIX WOOT, RECON, and Toorcon.

• @richinseattle

Presentations:

• 2022-12-02 16:30 - HushCon Seattle 2022 - Evolution of Stealth Packet Filter Rootkits   as @richinseattle (Richard Johnson)
• 2022-08-11 13:30 - Black Hat USA 2022 - eBPF ELFs JMPing Through the Windows
• 2022-07-14 14:00 - ToorCamp 2022 - Extra Better Program Finagling (eBPF) for Attack and Defense
• 2021-10-12 14:00 - ToorCon San Diego 2021 - Extra Better Program Finagling (eBPF) for Attack and Defense
• 2018-12-08 13:00 - HushCon Seattle 2018 - Taint Driven Crash Triage   as @richinseattle
• 2017-07-27 14:30 - Black Hat USA 2017 - Evolutionary Kernel Fuzzing
• 2017-06-17 18:00 - REcon 2017 - Coverage Guided Kernel Fuzzing
• 2017-01-27 13:00 - REcon Brussels 2017 - Harnessing Intel Processor Trace on Windows for fuzzing and dynamic analysis
• 2016-12-09 14:45 - HushCon Seattle 2016 - Fuzzflow Framework and Windows Guided Fuzzing
• 2016-06-19 16:00 - REcon 2016 - Go Speed Tracer
• 2016-06-09 17:00 - ToorCamp 2016 - Go Speed Go: Trace Guided Fuzzing
• 2015-12-11 15:00 - HushCon Seattle 2015 - High Performance Fuzzing
• 2014-06-28 14:00 - REcon 2014 - Fuzzing and Patch Analysis: SAGEly Advice
• 2013-06-21 14:00 - REcon 2013 - Taint Nobody Got Time for Crash Analysis
• 2013-06-07 16:00 - Summercon 2013 - Taint Nobody Got Time for Crash Analysis
• 2010-07-28 15:15 - Black Hat USA 2010 - Harder, Better, Faster, Stronger: Semi-Auto Vulnerability Research
• 2008-04-19 15:40 - ToorCon: Seattle 2008 - Fast n Furious Transforms
• 2007-05-12 16:40 - ToorCon: Seattle (Beta) (2007) - Memory Manager Attack and Defense
• 2004-07-30 13:00 - DEF CON 12 (2004) - A Comparison of Buffer Overflow Prevention Implementations and Weaknesses

Copresenters:

• pa_kt
  • 2013-06-21 14:00 - REcon 2013 - Taint Nobody Got Time for Crash Analysis
  • 2013-06-07 16:00 - Summercon 2013 - Taint Nobody Got Time for Crash Analysis
• Andrea Allievi
  • 2017-01-27 13:00 - REcon Brussels 2017 - Harnessing Intel Processor Trace on Windows for fuzzing and dynamic analysis
• Lurene Grenier
  • 2010-07-28 15:15 - Black Hat USA 2010 - Harder, Better, Faster, Stronger: Semi-Auto Vulnerability Research
• Peter Silberman
  • 2004-07-30 13:00 - DEF CON 12 (2004) - A Comparison of Buffer Overflow Prevention Implementations and Weaknesses