In this lecture we will be talking about fuzz testing, a process for finding bugs in your code which may also be security vulnerabilities. If you are using property-based testing with Hypothesis, this means that you are already fuzzing your code. But we aren't going to talk about Hypothesis here, or, at least not much. We will start with what fuzzing is and where does it come from and then we will learn about Atheris, a coverage guided fuzzer for Python and CPython extensions code. We will look how and what for others use it to see how we can leverage it to test our code better.
Rozłączony zawodowo zajmuje się audytami bezpieczeństwa różnego rodzaju softu wraz z firmą Trail of Bits, analizując kod czy wykorzystując różne narzędzia takie jak fuzzing czy własne regułki statycznej analizy. Poza pracą grywa CTFy z justCatTheFish, gra w DoTA2 i nie może doczekać się powrotu do rzeczywistości w której konferencje onsite czy offline mają jednak miejsce.
SpotOn is a software company dedicated to redefining the merchant services industry. SpotOn combines payment processing with customer engagement and business management solutions, giving small and medium businesses the data and tools they need to run and grow their business. Our tools increase revenue and connect businesses with their customers using rewards, deals, online reviews, website building, and data analytics. Tools like these were previously only available to big businesses with big bankrolls and their own developers, but our platform caters to neighborhood stores, independent retailers, and other small to midsize businesses. We have our service deployed in many cities across the U.S. and Mexico. Our technologies - Backend (Python, Golang) - Front end (React) - Mobile development (iOS i Android) - Testing & Designing Our industries - Restaurants Payment solutions, printers & facilities - Services Booking management systems - Retail & e-commerce Powerful websites