Harder, Better, Faster, Stronger: Semi-Auto Vulnerability Research
- Type
- Paper
- Tags
- bug hunting, fuzzing, vulnerability assessment
- Authors
- Lurene Grenier, Richard Johnson
- Event
- Black Hat USA 2010
- Indexed on
- Mar 27, 2013
- URL
- https://media.blackhat.com/bh-us-10/whitepapers/Grenier_Johnson/BlackHat-USA-2010-Grenier-Johnson-Harder-Better-Faster-Stronger-wp.pdf
- File name
- BlackHat-USA-2010-Grenier-Johnson-Harder-Better-Faster-Stronger-wp.pdf
- File size
- 57.9 KB
- MD5
- 414f52b1f21ac896a41cf9f1c21aec03
- SHA1
- 23cc6d9fc6eb17c84fdf9b59ec6633278a9eac33
Much work has been presented in the past few years concerning bug discovery through fuzzing. Everything from the feasibility of exhaustive generation fuzzing, to the continued productivity of simple mutation fuzzing has been covered. This talk will assume finding bugs is a foregone conclusion, and instead discuss the pre and post fuzzing process necessary to efficiently analyze vulnerabilities for a given program to the stage where exploitability has a high confidence, and exploitation can be handed off or undertaken in house. This process will be driven by intelligent, analyst driven automation, with a focus on the continued production of exploitable bugs with a minimum of wasted effort.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
