Ringzer0 BOOTSTRAP24 Austin

Antonio Nappa

Antonio Nappa, Ph.D., is the Application Analysis Team Leader at Zimperium Inc. Before joining Zimperium he worked at Brave Software and Corelight.

Antonio has been active in the cybersecurity industry for 17 years. He has been a visiting scholar at UC Berkeley, EURECOM, and VSB-TUO. He has published more than 15 papers in international peer-reviewed venues. He is also an inventor and a well-recognized adjunct professor at UC3M Madrid.

He is co-author of: Fuzzing Against the Machine: Automate Vulnerability Research with Emulated IoT Devices on QEMU, Packt Publishing 2023.

Since the DEFCON 2008 finals with the Guard@MyLan0 team, he never goes to sleep with a segfault.


Session

02-24
11:00
90min
QEMU For Fuzz and Profit: Emulation & Fuzzing: Deep Dive into Cybersecurity Techniques
Antonio Nappa

Emulation and fuzzing are among the many techniques that can be used to improve cybersecurity; however, using them efficiently can be tricky. This workshop will help you understand how these powerful tools and techniques work. Using a couple of real-world use cases and practical examples, this talk will help you grasp the fundamental concepts of fuzzing and emulation along with advanced vulnerability research, providing you with the tools and skills needed to find security flaws in your software.
The workshop will showcase the QEMU Course, where we move among different architectures and harnesses. We will show famous tools such as American Fuzzy Lop (AFL) and its improved version, AFL++. You’ll learn how to combine these powerful tools to create your own emulation and fuzzing environment and then use it to discover vulnerabilities in various systems, such as iOS, Android, and Samsung’s Mobile Baseband software, Shannon.

Workshop Track 1 📍Room 1.124