Go Fuzzing and Crash Analysis
- Buy now
- Learn more
Welcome & Summary

Welcome & Overview
Summary
Materials

Day2_Go_Security_Fuzzing_And_Crash_Analysis_v1_0.pdf
Day2_Go_Security_Fuzzing_And_Crash_Analysis_v1_1.pdf
go_security_day_2.zip
1. Introduction to Fuzzing

1.0 - Introduction to fuzzing
2. Coverage-guided Fuzzing

2.0 - Coverage guided fuzzing
2.1 - Go-fuzz
2.2 - Go-fuzz: labs
2.3 - libfuzzer + labs
2.4 - testing/fuzz + labs
2.5 - Who is the best fuzzer
2.6 - Exercises
2.7 - Exercise 1: Correction
2.8 - Exercise 2: Correction
2.9 - Exercise 3: Correction
3. Fuzzing workflow

3.0 - Corpus selection
3.1 - Code coverage
3.2 - Corpus minimization
4. Crashes Analysis

4.0 - Crashes analysis
4.1 - Bucketing
4.2 - Crashes minimization
4.3 - Debugging / RCA
5. Generation-based fuzzing

5.0 - Grammar based fuzzing
5.1 - Structure aware fuzzing
5.2 - Exercises
5.3 - Exercise 1: Correction
5.4 - Exercise 2: Correction
6. Advanced testing techniques

6.0 - Property based testing
6.1 - Concolic testing
6.2 - Differential fuzzing
6.3 - Exercises
6.4 - Exercise 1: Correction
6.5 - Exercise 2: Correction
6.6 - Custom fuzzers
7. Exercises

7.0 - Interesting targets
7.1 - Exercise 1
7.2 - Exercise 1: Correction
7.3 - Exercise 2
7.4 - Exercise 2: Correction
7.5 - Exercise 3
7.6 - Exercise 3: Correction
7.7 - Exercise 4
7.8 - Exercise 4: Correction
7.9 - Exercise 5
7.10 - Exercise 5: Correction
7.11 - Exercise 6
7.12 - Exercise 6: Correction
7.13 - Exercise 7
7.14 - Exercise 7: Correction
7.15 - Other exercises
Conclusion / Thank You

8.0 - Closing remarks
Give me your feedback!

Summary

Introduction to Fuzzing
Coverage-guided Fuzzing
- go-fuzz, libfuzzer, testing/fuzz
Fuzz testing workflow
- Corpus/inputs collection, Code coverage, Corpus minimization
Crashes Analysis
- Bucketing, Crashes minimization, Debugging, Root cause analysis
Generation-based fuzzing
- Grammar-based & Structure-aware Fuzzing
Advanced testing techniques
- Property-based testing, Concolic Testing
- Differential fuzzing / Writing custom fuzzers