DefCon 23: Extending Fuzzing Grammars to Exploit Unexplored Code Paths in Modern Web Browsers
The talk had two parts. The first part was an introduction to
fuzzing for the security practitioner, discussing the approaches, tool sets and
integrations between tools we found to be most effective, combined into a recipe for
fuzzing various browsers and various platforms.
The second part was a description of the work and approach used to
create and extend browser fuzzing grammars based on W3C specifications to
discover new and unexplored code paths and find new browser security bugs. In
particular, examples of real bugs found in the Chrome and MS Edge browsers were
demonstrated.