Security BSides London, the UK’s biggest community-driven infosec conference is happy to announce its 8th iteration open to all regardless of background, skill level, income or job-title.  
  • Doors to the main event open at 8.30am with talks starting at 9am on 5 June 2019
  • Workshops will be held on 4 June 2018 starting at 10am; Pre-registration is required
Please remember that Security BSides London has a strict code of conduct available here
Back To Schedule
Tuesday, June 4 • 14:15 - 18:15
Fuzzing with AFL

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

This workshop will teach you how to discover vulnerabilities using modern fuzzing tools.

You will learn when fuzzing is appropriate, how to select and set up various types of target, and how to use American Fuzzy Lop (AFL) to find flaws in those targets. During the workshop you will rediscover real vulnerabilities in software like OpenSSL, ntp, and sendmail.

Aimed at developers and defenders who want to harden their C/C++ applications, as well as bug-hunting researchers and consultants.

What you need to bring:
- A laptop with a SSH client; you will need a basic level of proficiency with the Linux command line (working with files) and programming in C. You do not need to be an expert in either - AFL will do the hard work for you! No prior knowledge of fuzzing is required.
- If you want to run the exercises locally instead of using the provided cloud instances, you will need a Linux system with either Docker or AFL pre-installed. 

avatar for Michael Macnair

Michael Macnair

Michael is an application security engineer working to prevent security flaws from making it into products, and finding and fixing those that slip the net. After getting hooked on modern fuzzing tools for their amazing bug-finding capabilities, he developed a workshop to help others... Read More →

Tuesday June 4, 2019 14:15 - 18:15 BST
Track 2 ILEC Conference Centre 47 Lillie Road London SW6 1UD