Binary Fuzzing With Snapshot-Assisted-Driven Comparison Branch Analysis

Explore advanced binary fuzzing techniques in this Hack In The Box Security Conference talk. It presents a novel approach to analyzing input comparison statements in real-world software without symbolic computation, and introduces Ligthbranch, a tool that automatically extracts comparison values from closed-source binaries to improve fuzzer efficiency in vulnerability detection. Learn how the method is integrated with the AFL fuzzer, and gain insight into snapshot-assisted-driven comparison branch analysis and its key concepts: the snapshot repository, leap node detection, page block reasoning, and comparison branch types. The talk closes with a practical demonstration of these techniques in action.
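The following is an added illustration, not code from the talk or from the Ligthbranch tool, of the simplest form of the idea the abstract describes: harvesting the constants that a binary compares its input against and handing them to AFL as a dictionary, so the fuzzer does not have to guess multi-byte magic values one bit-flip at a time. It works purely statically on constructed `objdump -d` (AT&T syntax) output that is embedded inline; the function names, the disassembly sample and the `cmp_<address>` dictionary keys are all assumptions of this example. Compares whose operand is only known at run time (the register-to-register `cmp` in the sample) yield nothing to a static pass like this one, which is the limitation that motivates a dynamic, snapshot-based analysis.

```python
import re
from typing import List, Tuple

# Constructed objdump -d (AT&T syntax) listing for illustration; not taken from any real binary.
SAMPLE_DISASM = """\
0000000000401126 <check_header>:
  401126:  55                        push   %rbp
  401127:  48 89 e5                  mov    %rsp,%rbp
  40112a:  81 3f 47 49 46 38         cmpl   $0x38464947,(%rdi)
  401130:  75 1a                     jne    40114c <check_header+0x26>
  401132:  66 81 7f 04 4d 5a         cmpw   $0x5a4d,0x4(%rdi)
  401138:  75 12                     jne    40114c <check_header+0x26>
  40113a:  80 7f 06 2a               cmpb   $0x2a,0x6(%rdi)
  40113e:  75 0c                     jne    40114c <check_header+0x26>
  401140:  3c 41                     cmp    $0x41,%al
  401142:  48 81 7f 08 d2 04 00 00   cmpq   $0x4d2,0x8(%rdi)
  40114a:  48 39 c8                  cmp    %rcx,%rax
  40114d:  0f 94 c0                  sete   %al
"""

# Matches "cmp[bwlq] $IMM, DST"; register-only compares (no "$") deliberately do not match.
CMP_RE = re.compile(r"\b(cmp[bwlq]?)\s+\$(-?0x[0-9a-fA-F]+|-?\d+)\s*,\s*(\S+)")
ADDR_RE = re.compile(r"^\s*([0-9a-fA-F]+):")
SUFFIX_WIDTH = {"b": 1, "w": 2, "l": 4, "q": 8}


def register_width(reg: str) -> int:
    """Operand width in bytes for an x86-64 register name such as %al or %r8d."""
    r = reg.lstrip("%")
    if re.fullmatch(r"[abcd]l|[sd]il|[bs]pl|r(8|9|1[0-5])b", r):
        return 1
    if re.fullmatch(r"[abcd]x|[sd]i|[bs]p|r(8|9|1[0-5])w", r):
        return 2
    if re.fullmatch(r"e([abcd]x|[sd]i|[bs]p)|r(8|9|1[0-5])d", r):
        return 4
    return 8


def extract_cmp_immediates(disasm: str) -> List[Tuple[str, int, int]]:
    """Return (address, width_in_bytes, immediate) for every cmp against a constant."""
    found = []
    for line in disasm.splitlines():
        m = CMP_RE.search(line)
        if not m:
            continue  # not a compare, or a compare with no immediate operand
        mnemonic, imm, dst = m.groups()
        # A mnemonic suffix fixes the width; a bare "cmp" takes it from the register.
        width = SUFFIX_WIDTH.get(mnemonic[3:]) or register_width(dst)
        addr_m = ADDR_RE.match(line)
        addr = addr_m.group(1) if addr_m else "?"
        found.append((addr, width, int(imm, 0)))
    return found


def immediate_to_token(value: int, width: int) -> bytes:
    """Lay the constant out as it sits in memory on x86 (little-endian, masked to width)."""
    mask = (1 << (8 * width)) - 1
    return (value & mask).to_bytes(width, "little")


def afl_escape(token: bytes) -> str:
    """Escape a token for the AFL dictionary syntax: printable ASCII literal, the rest as \\xHH."""
    out = []
    for b in token:
        if 0x20 <= b < 0x7F and b not in (0x22, 0x5C):  # not '"' or '\\'
            out.append(chr(b))
        else:
            out.append("\\x%02x" % b)
    return "".join(out)


def build_afl_dictionary(disasm: str) -> str:
    """Emit one 'name="token"' line per distinct comparison constant."""
    lines, seen = [], set()
    for addr, width, value in extract_cmp_immediates(disasm):
        token = immediate_to_token(value, width)
        if token in seen:
            continue
        seen.add(token)
        lines.append('cmp_%s="%s"' % (addr, afl_escape(token)))
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(build_afl_dictionary(SAMPLE_DISASM), end="")
```

Running the block prints entries such as `cmp_40112a="GIF8"` and `cmp_401132="MZ"`; saved to a file, that output is passed to AFL with `-x dict.txt`. Note how much the static pass leaves on the table: the `cmp %rcx,%rax` at `40114a` produces no token because its operand exists only at run time, and a compare that reads its expected value from a table or a decrypted buffer would be just as invisible.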