Advanced Custom Network Protocol Fuzzing

Get hands on experience writing custom network protocol fuzzers. This class will cover the basics of network protocol "smart fuzzing." Exercises will utilize the open source network protocol fuzzing framework, boofuzz. Attendees will gain practice reverse engineering a network protocol, implementing and iterating on a custom fuzzer, and identifying vulnerabilities.

After the class:
You will know the basics of fuzzing.
You will know how to write custom network protocol fuzzers using state of the art open source tools.
You will have hands on experience with this widely-discussed but still largely mysterious test method.

Before the class (Prerequisites): You should:
Be comfortable doing some basic programming in Python.
Understand basic network protocol concepts (e.g. what is a protocol and what is a network layer).
Be familiar with WireShark and how to use it.
Have a laptop with at least 8 GB of RAM.

What you won't learn:
Exploit development.
Python programming. Because you can already do that (see above). ;)

Fuzzing is a wide and deep field with a wide array of technologies. This class is a beginner-friendly deep dive into one niche of the fuzzing world.
Joshua is a software engineer specializing in information and network security. He has worked in the critical infrastructure and cloud computing industries with employers heavily invested in software and hardware security. Among his passions are hacking, teaching kids to program, attending orchestral concerts with his wife, and figuring out how he can get paid to do it all... legally.

Joshua is the maintainer of the boofuzz network protocol fuzzing framework.

Tim is a software engineer working in information security. He has worked for a startup and data analytics companies. He currently works in critical infrastructure with a focus on security and fuzzing. He cringes at the thought of insecure systems and therefore seeks to improve the security of anyone who will listen. Tim has experience deploying gratuitous amounts of fuzz over the network, and has taught others to do the same.

Prerequisites for students:
- Some basic Python programming experience )(some programming ability is REQUIRED).
- Basic understanding of network protocols.
- Basic familiarity with Wireshark.
- Optional: Fuzzing experience.

Materials or Equipment students will need to bring to participate:
- Laptop -- strongly recommended: configure for Defcon secure Wi-Fi access beforehand.
- Software requirements will be emailed to class ahead of time