Schedule
Back
Ariel Zelivansky
I am the head of security research at Twistlock. I do security with a special affection for the Ruby language.
Fuzzing native Ruby code with Kisaten
Fuzzing is a common technique used to discover bugs and vulnerabilities in code. In order to fuzz native Ruby code, I've built Kisaten, a Ruby extension for MRI that uses the magic of one of the best fuzzers of the time, american fuzzy lop
. With Kisaten I found bugs in the Ruby standard library (in rdoc and rexml) and in popular gems like mail, asciidoctor and rubyzip. And there is still much more to fuzz!
I plan to walk through its development process from a Rubyist point of view, and present how it can be used so you can fuzz your own code.