A Hypervisor as a Basis for a Sandbox
We hope that this article will be useful to you. In this post, two topics will be considered from both the theoretical and the practical points of view.
The author is going to speak at heise devSec (and IT-SECX and DefCamp) about fuzzing binary files for developers, and therefore wants to test various approaches to fuzzing applications. Fuzzing is a very important concept at design time, so all developers should know how to do it correctly and should know that the setup can be simple and fast.
Currently, the most commonly used fuzzer is AFL (American fuzzy lop). AFL is extremely effective at identifying vulnerabilities. The key lesson is that the size of the input file is very important during fuzzing, at least as important as the fuzzer's execution speed. In the theoretical part, the author walks through his reasoning step by step.
The article also covers the practical part and the generalized fuzzing workflow that the author recommends.