|
|
|
|
|
|
Peach 2.0
Abstract
It's been four years since the original version of Peach was created
at ph-neutral 0x7d4 and things have certainly changed!
Peach 2.0 features new abstractions for data and state modeling making
fuzzer development faster and easier with less to no requirement to
know any programming language. Peach is still extensible and capable
of fuzzing just about any target from network protocols, embedded
systems, through DCOM, Web services, and file parsers.
We will explore how Peach 2 works, and take a look at a number of cool
features such as Peach-in-the-Middle (PiTM) fuzzing, distributed
parallel fuzzing, automatic fuzzer generation, etc.
Peach is a four year old free-software project released user the MIT
Free Software License and is not a commercial product.
Speaker
A founding principal of Leviathan Security Group with over ten years
experience in computer security, with expertise in application and
network security, through threat modeling. Michael founded the
security services practice for IOActive and co-founded the Security
Services Center for Hewlett-Packard's services division. Michael is
also an accomplished software developer, having participated in a
number of open-source security development projects ranging from the
Trike threat modeling conceptual framework to the Peach Fuzzer
Platform. Michael "DD" Eddington is also a founding member of the
Ghetto Hackers.
|
|
|
|
|