Seminar - AFL*: a simple approach to fuzzing stateful systems

22 September at 11:00 in room 36 of the DMI

Dr. Cristian Daniele, of Radboud University, the Netherlands, will give a seminar entitled "AFL*: a simple approach to fuzzing stateful systems".
 
Abstract. Fuzzing is a testing technique used to discover vulnerabilities in systems. The idea behind the technique is straightforward: a fuzzer feeds the system under test (SUT) with malformed messages waiting for crashes or weird system behaviour. A fuzzer can test systems that do not maintain any internal state (stateless) or systems that need to keep a state (stateful). This distinction plays a crucial role since a stateful fuzzer needs to be aware of the stateful nature of the system to send interesting messages. In this talk, I will discuss the challenges in fuzzing stateful systems and then present AFL*, a fuzzer that uses AFL++ in persistent mode to efficiently fuzz stateful systems.