Brendan O'Leary
Back to talks
Talk

Fuzzing Frontiers: Exploring Unknown Unknown Vulnerabilities

Explore Nuclei v3.2's innovative fuzzing features for enhanced security testing and vulnerability discovery.

View Slides

100 Word Abstract

Discover the innovative advancements in security testing with our deep dive into Nuclei v3.2, the latest iteration of ProjectDiscovery’s powerful fuzzing tool. This session will explore the enhanced capabilities of Nuclei v3.2, including comprehensive support for crafting custom fuzzing templates and importing HTTP traffic from various tools. We’ll discuss how these features enable security professionals to uncover unknown vulnerabilities more effectively and efficiently. Join us to learn how Nuclei v3.2 can transform your security workflow, providing the tools needed to navigate and mitigate the complex landscape of modern cyber threats.

Longer Description

In this session, we will explore the groundbreaking enhancements introduced in Nuclei v3.2, ProjectDiscovery’s flagship fuzzing tool, designed to democratize security by empowering users to identify and address vulnerabilities swiftly. The release of Nuclei v3.2 marks a significant evolution in fuzzing technology, offering full support for creating diverse fuzzing templates that can handle a variety of input formats—from HTTP traffic captured by tools like Proxify and httpx, to API schema files like OpenAPI and Swagger.

We will delve into the specifics of these advancements, highlighting how Nuclei v3.2 simplifies the process of generating custom fuzzing requests, thereby enhancing the detection of security vulnerabilities across different parts of HTTP requests, including queries, paths, headers, cookies, and bodies. This session will provide a comprehensive overview of the supported fuzzing parts and the new rule types introduced, such as prefix, postfix, replace, infix, and replace-regex, which are crucial for a detailed and effective fuzzing operation.

Attendees will gain practical insights into the application of these features in real-world scenarios, learning how to leverage Nuclei v3.2 to create powerful, tailored security tests. This talk aims to equip cybersecurity professionals with the knowledge and tools to stay ahead in the rapidly evolving field of cyber defense, making it an essential addition to the toolkit of those seeking to enhance their security posture. Join us to understand how Nuclei v3.2 can serve as a cornerstone in your security strategy, providing a robust platform for discovering and mitigating potential security threats before they can be exploited.

X LinkedIn GitLab Instagram
© 2024 | Brendan O'Leary

Note: The views expressed on this site are my own personal views and do not represent the opinions of any entity whatsoever which I have been, am now, or will be affiliated.