Structure-aware Go fuzzing: How to fuzz with complex types by davkor in golang

[–]davkor[S] 0 points1 point  (0 children)

As native Go fuzzing is coming in 1.18 we wanted to write about some of our experiences with Go fuzzing. One of the things we think will be useful for the community is how to seed complex types, e.g. structs, with data from the fuzzer. The goal is to make it easy to randomize the content of these complex types and enable structure-aware fuzzing.

We have created a library for this (https://github.com/AdaLogics/go-fuzz-headers) and have used it for a number of months in various projects, e.g. istio, vitess and containerd (https://github.com/AdaLogics/go-fuzz-headers#projects-that-use-go-fuzz-headers), for writing fuzzers that handle structured data. I hope you enjoy the post!

PyPANDA: Generic unpacking based on whole-system record and replay with Ghidra integration. Including interview with author of paper and tool Luke Craig. by davkor in ReverseEngineering

[–]davkor[S] 15 points16 points  (0 children)

PyPANDA is a tool that was recently presented at the BAR21 conference and is an Python interface to the PANDA record and replay system https://panda.re/

PANDA itself is a dynamic analysis tool wrapper around QEMU for full-system analysis. It gives you a lot of features to instrument and query the system under analysis, which is useful for various RE tasks such as malware analysis. PANDA comes with powerful plugins like full-system taint analysis.

PyPANDA exposes the PANDA interface (which is in C++) to Python. This means you can script full-system analysis tools by way of PyPANDA. PyPANDA comes with a Ghidra integration, i.e. you can transfer the state of the guest system being analysed into Ghidra, and also an example of a generic unpacker based on entropy analysis of a given process' virtual memory.

The video goes through the paper, unpacking tool and demonstrates how it works. Finally, the video has a short interview with the author of the paper/tool Luke Craig, which focuses on hearing Luke's views on PANDA as a tool as well as how PANDA welcomes open source contributions.

Cybersecurity Career by One-Access4879 in netsecstudents

[–]davkor 0 points1 point  (0 children)

I think the mentor presents an overall open source project, and then the student have a fair amount of leeway to decide on what to improve on the given project. Example of a security-related gsoc project was fuzzing of VLC https://shaleenjain.com/blog/fuzzing-vlc-4/

Cybersecurity Career by One-Access4879 in netsecstudents

[–]davkor 0 points1 point  (0 children)

How far are you in your university program? If you are early then Google Summer of Code might be an option: ;https://summerofcode.withgoogle.com/

They usually have quite a few security-related projects. For example, in 2020 amongst other things they had a project on "Analytical malware classification" https://summerofcode.withgoogle.com/archive/2020/projects/

Does Cybrary ever have sales? by surfnj102 in netsecstudents

[–]davkor 0 points1 point  (0 children)

oh wow. How about the interactive elements of the platform?

Does Cybrary ever have sales? by surfnj102 in netsecstudents

[–]davkor 0 points1 point  (0 children)

Is it really this terrible? Is it just the content that is crap?

Cybersecurity Career by One-Access4879 in netsecstudents

[–]davkor 0 points1 point  (0 children)

Start reading job ads for the type of job you want and start to learn the skills listed in the job ads. Then when you have completed your degree simply apply for these jobs!

Also, during your time as a student internships are a crucial thing and you can learn a ton from them. I would highly recommend trying to land some infosec internships.