The past few years have seen a leap in fuzzing technology. The original paradigm established a decade ago resulted in two widely deployed approaches to fuzzing: sample-based mutation and model-based generation. Thanks to ever-increasing computational performance and better engineering, newer guided fuzzing approaches have proven to be supremely effective with a low cost of deployment. This talk will explore a few different approaches to guided fuzzing through dynamic analysis, including code coverage analysis, constraint solving, and sampling/profiling-based feedback mechanisms.
Novel contributions in this talk include:
– Open-source Windows driver enabling Intel “Processor Trace”
– DBI-based tracing engine for Windows/Linux/OSX binaries
– American Fuzzy Lop with full support for Windows binary targets