Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Code Intelligence

code intelligence

How to Find Arbitrary Code Execution Vulnerabilities with Fuzzing

Oct 5, 2022 By Roman Wagner In Code Intelligence

Remember Log4j? Arbitrary code execution bugs are more common than you think, even in memory-safe languages, like Java. Learn how to find these vulnerabilities with fuzzing. Arbitrary code execution vulnerabilities represent one of the most dangerous classes of vulnerabilities in Java applications. Incidents such as Log4Shell clearly demonstrate the impact of these security issues, even in memory-safe languages. They also show that fuzzing can be very effective in finding these vulnerabilities.

Read Post

Uncovering Hidden Bugs and Vulnerabilities in C/C++ | How to Fuzz Your Code With 3 Commands

Oct 5, 2022 By Code Intelligence In Code Intelligence
CI Fuzz CLI is an open-source solution that lets you run feedback-based fuzz tests from your command line. Every developer can use it to find bugs and vulnerabilities with three simple commands. In this stream, I will demonstrate: 1) How to cover the current state of fuzz testing 2) How to set up CLI fuzzing within 3 commands 3) How to uncover multiple bugs and severe memory corruption vulnerabilities
View Video

How to Fuzz Your Code With 3 Commands | Finding Hidden Bugs in C/C++

Oct 5, 2022 By Code Intelligence In Code Intelligence
CI Fuzz CLI is an open-source solution that lets you run feedback-based fuzz tests from your command line. Every developer can use it to find bugs and vulnerabilities with three simple commands. In this stream, our expert Jochen will demonstrate: cover the current state of fuzz testing set up CLI fuzzing within 3 commands uncover multiple bugs and severe memory corruption vulnerabilities All code examples and tools used are open-source.
View Video

Fuzz Testing Automotive Software With Dependencies

Sep 22, 2022 By Code Intelligence In Code Intelligence
The new ISO/SAE 21434 increases the requirement for security testing in the automotive domain. Car manufacturers must now provide advanced security tests for each software component, as part of the validation process. This includes either, penetration testing, vulnerability scanning and/or fuzz testing. But especially the early adoption of fuzz testing is currently becoming best practice among German car manufacturers.
View Video

Fuzzing Web Services | How to Automate Security Testing for Web Applications

Sep 22, 2022 By Code Intelligence In Code Intelligence
Due to their high degree of interconnectivity, web applications are often difficult to secure. In this coding session, Simon Resch demonstrates an approach that allows you to simplify and automate your web application testing using modern fuzzing techniques. Content
View Video

How to Keep your Web Applications Secure: Everything you need to know about Fuzzing

Sep 22, 2022 By Code Intelligence In Code Intelligence
In this coding session, Khaled Yakdan will demonstrate how to secure web applications with fuzzing, and explain how fuzz testing can help you to uncover complex security vulnerabilities, such as Denial of Services (DoS) and Uncaught Exceptions, in your source code. Content
View Video

Mocking Embedded Systems With Fuzz Data

Sep 22, 2022 By Code Intelligence In Code Intelligence
In this live coding session, Daniel Teuchert shows you how to mock embedded systems with fuzz data. This approach enables you to use the advanced mutation methods of feedback-based fuzzing to simulate the behavior of external sources under realistic circumstances and cover unexpected and unlikely edge cases.
View Video

Fuzzing Embedded Systems With Dependencies (for Automotive)

Sep 22, 2022 By Code Intelligence In Code Intelligence
In this recorded live hacking session, Daniel Teuchert, will demonstrate an automated testing approach, that will instantly improve your code coverage and also helps you to protect your automotive software against unexpected edge cases. See full description and use case: page.code-intelligence.com/fuzzing-with-dependencies/20210429
View Video

Copyright © 2024 OpsMatters™. All rights reserved.