CanSecWest Vancouver 2011

Site menu:

Register | Conference | Dojo | Speakers | Agenda | Past Events | Hotel & Travel | Contact

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

Effective Fuzzing using the Peach Fuzzing Platform

Instructor:
Michael Eddington

Register For This Course

Description

The entirety of the course is student centric, hands on, and lab intensive. On day one, students will be instructed on the use of the Peach Fuzzing Platform, from a practitioner's perspective, learning the ways in which Peach can be used to fuzz a variety of targets including network protocol parsers, ActiveX/COM interfaces, file parsers, APIs, and web services. Students will build and run fuzzers that target real world applications.

On the second day, students will be exposed to the internals of Peach for a developer's perspective. The Peach architecture and module interfaces will be explained in great detail as to equip students with the skills necessary to extend and adapt Peach to their custom needs. Students will then develop their own Peach extensions in a lab environment to reinforce these concepts.

PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.

Topics

Upon completion of this course, students will be enabled to create effective fuzzers that target:

• State-aware network protocol parsers
• N-tier applications
• Arbitrary APIs
• File parsers
• COM and Active/X components
• Extend the Peach Fuzzing Platform
• Apply these concepts and tools to their unique environment
• Utilize parallel fuzzing to increase fuzzing efficiency

Prerequisite Knowledge

• Ability to use Windows XP
• Ability to use WireShark
• Working knowledge of basic XML or HTML

Laptop requirements

• A laptop capable of running two Windows XP Virtual Machines
• Dual Core machine w/2GB of RAM recommended
• One of the following Virtualalization Platforms:
  • VMWare Server 2.0
  • VMWare Player 2.0 (FREE)
  • VMWare Workstation 6.x
• One of the following devices:
  • USB 2.0 port
  • Dual Layer DVD Drive
  • 1394/Firewire port

IMPORTANT NOTE

This is a two day course and may not be taken in conjunction with another course.

Sponsors:

More Information:

Sponsorship Information | Valid XHTML | Valid CSS

Wise words:

"Sen Sen No Waza - to strike the opponent after he has formed the intention to attack and has committed to a specific motion."

Copyright © dragostech.com inc. All Rights Reserved.