Scalable and Effective Fuzzing of Google Chrome

Author: Max Moroz

The talk includes an overview of ClusterFuzz, Chrome’s distributed fuzzing system that finds security bugs in real time and provides a reproducible test case for every crash, and describes the advantages of using different sanitizers together with LibFuzzer (a library for coverage-guided fuzzing). It also covers detailed statistics on the types of bugs found in Chrome and offers insight into the trials and tribulations of distributed fuzzing, including how you can run your own fuzzers on Google’s infrastructure and earn Chrome bounties for the bugs your fuzzer finds.

  Russian

Max Moroz is an information security engineer on the Google Chrome Security Team and a graduate of the Information Security Department of the National Research Nuclear University MEPhI (Moscow Engineering Physics Institute). He is also the founder of the CTF team BalalaikaCr3w and an active participant in CTF competitions and bug bounty programs.

