))
Fuzzing Rust with Shnatsel
Manage episode 300249071 series 2971726
Content provided by Firo Solutions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Firo Solutions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Fuzzing Rust with Shnatsel
In this fresh episode of Security headlines we interview Shnatsel
about rust fuzzing, we jump in the rabbit holes of Rust and fuzzing and
explore the magical world.
In this episode we cover:
Fuzzing in rust
i side track to openbsd ofc
we talk about internal builds
using clippy to inform people about best practices
clippy in Rust CI systems
Rust in enterprise systems
linting in rust
the cargo build system
security exploits
rebuilding binaries
cloud binaries
cargo rfc
cargo fuzz
AFL/american fuzzyloop, hongfuzz, libfuzzer
binaries
dependencies in rust
finding zero days
unmaintained code in production
versions in binaries
auditing binaries
finding bugs in rust, C and C++ code
claiming CVEs
address sanitizer
going beyond address sanitizer to find use after free/Use of uninitialized memory bugs
binary parser
angola fuzzer
memory sanitizer
finding new and interesting bugs in your codebase
rust sub reddit
libdfuzz
External links:
https://github.com/rust-fuzz/auto-fuzz-test
https://github.com/Shnatsel/rust-audit
https://github.com/AngoraFuzzer/Angora
https://web.cs.ucdavis.edu/~hchen/paper/chen2018angora.pdf
https://github.com/rust-fuzz/cargo-fuzz
https://github.com/avadacatavra/unsafe-unicorn
https://rust.firosolutions.com
https://reddit.com/r/Rust
https://lcamtuf.coredump.cx/afl/
https://github.com/rust-fuzz
https://github.com/rust-fuzz/trophy-case
https://blog.firosolutions.com/2020/07/superhero-rust-fuzzing/
25 episodes
Share
