Target Audience: Architects, Developers, Cybersecurity Specialists, Programmers
Prerequisites: Basic software security knowledge
Domain: Offensive Security
Offensive security has long been esoteric knowledge, discussed in closed circles among select groups and shared as black-magic recipes with secret ingredients.
A lot has changed since the days of IRC chat rooms, 0-day exchanges and invite-only conferences. Security is now taught in schools, published in books and presented at conferences.
Despite this progress, offensive security remains for the most part a manual process performed by pentesters, bug hunters and weekend enthusiasts. Most tools in use, both open source and commercial, are glorified brute forcers that test large sets of inputs in the hope of finding the one that works.
New research and progress has, however, been made in the past few years, for example:
Introducing techniques from the world of machine learning into fuzzing, such as reinforcement learning for input mutation and deep learning for dictionary inference
Enhancing taint tracking for both source code and binary analysis
Tree-based testing for black-box assessment of web applications
This presentation focuses on the most striking progress made in this area and shares our experience implementing and running these techniques against web, mobile and systems applications as part of the largest security scanning infrastructure in the world. We will present the challenges that software assessment presents, such as path explosion, formalisation, and the sheer randomness of the world of the web and its standards.
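As an added illustration of what "reinforcement learning for input mutation" means in practice, the following example (written for this page, not the speaker's or Google's implementation) drives a coverage-guided fuzz loop with a UCB1 multi-armed bandit: each mutation operator is an arm, and the reward is the number of new branches the mutated input reaches. The toy target, its "FUZZ"-magic-plus-checksum format, the seed input and the two-token dictionary standing in for an inferred one are all constructed for the example.

```python
import math
import random

# Constructed toy target standing in for an instrumented binary: the branch
# labels it returns play the role of edge-coverage feedback. Assumed format:
# bytes 0-3 magic "FUZZ", byte 4 checksum = sum(payload) & 0xFF, bytes 5.. payload.
MAGIC = b"FUZZ"

def target(data: bytes) -> set:
    covered = {"entry"}
    if len(data) < 5:
        return covered | {"too_short"}
    if data[:4] != MAGIC:
        return covered | {"bad_magic"}
    covered.add("magic_ok")
    payload = data[5:]
    has_admin = b"admin" in payload
    if has_admin:
        covered.add("admin_token")
    if data[4] == (sum(payload) & 0xFF):
        covered.add("checksum_ok")
        if has_admin:
            covered.add("admin_path")  # deepest state: magic + token + valid checksum
    else:
        covered.add("checksum_bad")
    return covered

# Stand-in for an inferred dictionary (constructed here, not learned).
DICTIONARY = [MAGIC, b"admin"]

# Mutation operators: each one is an "arm" the bandit can pull.
def flip_bit(data, rng):
    if not data:
        return b"\x00"
    i = rng.randrange(len(data))
    return data[:i] + bytes([data[i] ^ (1 << rng.randrange(8))]) + data[i + 1:]

def set_byte(data, rng):
    if not data:
        return bytes([rng.randrange(256)])
    i = rng.randrange(len(data))
    return data[:i] + bytes([rng.randrange(256)]) + data[i + 1:]

def insert_token(data, rng):
    pos = rng.randint(0, len(data))
    return data[:pos] + rng.choice(DICTIONARY) + data[pos:]

def truncate(data, rng):
    return data if len(data) <= 1 else data[: rng.randint(1, len(data) - 1)]

def fix_checksum(data, rng):
    # Structure-aware repair: recompute byte 4 for the current payload.
    return data if len(data) < 5 else data[:4] + bytes([sum(data[5:]) & 0xFF]) + data[5:]

OPERATORS = [flip_bit, set_byte, insert_token, truncate, fix_checksum]

class UCB1Scheduler:
    """Multi-armed bandit: pick the arm with the highest upper confidence bound."""

    def __init__(self, n_arms):
        self.pulls = [0] * n_arms
        self.reward = [0.0] * n_arms

    def select(self):
        for i, n in enumerate(self.pulls):
            if n == 0:
                return i  # play every arm once before trusting any estimate
        t = sum(self.pulls)
        return max(range(len(self.pulls)), key=lambda i: self.reward[i] / self.pulls[i]
                   + math.sqrt(2 * math.log(t) / self.pulls[i]))

    def update(self, arm, reward):
        self.pulls[arm] += 1
        self.reward[arm] += reward

def fuzz(iterations=5000, seed=1):
    """Coverage-guided loop: the operator is chosen by UCB1 and rewarded with the
    number of new branches its child reached. Returns coverage and per-arm pulls."""
    rng = random.Random(seed)
    sched = UCB1Scheduler(len(OPERATORS))
    corpus = [b"hello"]  # constructed seed input
    covered = target(corpus[0])
    for _ in range(iterations):
        arm = sched.select()
        child = OPERATORS[arm](rng.choice(corpus), rng)
        new = target(child) - covered
        sched.update(arm, float(len(new)))
        if new:
            covered |= new
            corpus.append(child)  # keep inputs that reached something new
    return {"covered": covered,
            "pulls": {op.__name__: n for op, n in zip(OPERATORS, sched.pulls)},
            "corpus": corpus}
```

Calling `fuzz()` and inspecting `pulls` shows the bandit leaning on the arms that paid off (token insertion and checksum repair) while they were producing new branches, then spreading pulls once coverage saturates. In a real fuzzer the reward would come from the instrumentation's coverage bitmap and the dictionary from the inference model the abstract refers to, rather than from a hard-coded list.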
Alaeddine Mesbahi works as a Security Engineer at Google, specialising in penetration testing and security source code review.
In his own words, he is a Python addict and a self-proclaimed green mint tea expert. He enjoys learning new things about InfoSec every day, losing at chess and practising martial arts. Alaeddine holds the Offensive Security Certified Professional (OSCP) and Offensive Security Certified Expert (OSCE) certifications.