In this episode of Security Headlines we deep dive into fuzzing with Patrick Ventuzelo.

topics that we cover:

being niched in cyber security

patricks background, doing pentests on telecom networks, doing security research on the android kernel for the french DoD, reverse engineering, development

Zero days in the android kernel

choicing a target when fuzzing

 blackbox and whitebox fuzzing

fuzzing golang projects

fuzzing rust projects

setting up fuzzing enviroments

webassembly security 

fuzzing webassembly

invalid web assembly opcodes

the next generation of browser exploits

javascript runtimes

exploiting webassembly in the browser

fuzzing blockchain applications

how to write a fuzzer

what to look for while fuzzing

fuzzing javascript

writing fuzzers in python

ataris fuzzer for python code

libfuzzer

llvm

analysing code repositories and finding bad patterns

golang built in fuzzing(go-fuzz, fuzzing draft)

fuzzing ethereum solidity smart contracts

fuzz bench by google

fuzzing the android kernel

beacon fuzz

reporting security bugs

github security advisory

favorite security conferences

External links:

https://fuzzinglabs.com/

http://stackoverflow.com/questions/43153964/ddg#43154559

https://www.youtube.com/channel/UCGD1Qt2jgnFRjrfAITGdNfQ

telegram fuzzlab lab

https://googleprojectzero.blogspot.com/2021/01/in-wild-series-chrome-exploits.html