Hey kids, do you like finding bugs in software?? Then you'll love fuzzing!! Fuzzing is the art and science of feeding random data to a program to see how it reacts and hopefully find exploitable weaknesses. It has become all the rage in vulnerability research lately but it's hard to figure out where to start. What kinds of fuzzers are out there? What makes a program a good target for fuzzing? What can I do to improve my fuzzing results? This talk will discuss these issues and more. This is intended to be a gentle introduction to the topic so noobs are welcome! It can however be a somewhat advanced topic so be ready to veer briefly into operating system internals, debuggers, etc.
Brian Beaudry is a Senior Security Consultant with GuidePoint Security in the Application Security practice as well as a leader of OWASP Tampa. His interests include CTFs, reverse engineering, and software exploitation. Brian hails from Tampa where he enjoys life with his wonderful wife and adorable little daughter.