When Fuzzers Miss: The no Hanging Fruit.

DerbyCon 1 - 2011

Presented by: Tony Huffman (Myne-us)
Date: Saturday October 01, 2011
Time: 13:00 - 13:50
Location: Track 1

Fuzzing is a process of automating the vulnerability discovery process but with all automation there are areas that can be missed. This presentation will try to bring light to some of these instances in memory corruption and show some methods behind discovering the vulnerable code in appliation when fuzzers miss.

Tony Huffman

Tony works as a vulnerability research engineer for Tenable Network Security, Host for the Securabit podcast and member of the Securabit Exploit Group (SEG). Tony focuses much of his research on memory corruptions, exploit development and reverse engineering.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats