CEO at Fuzzinglabs
5
Talks Delivered
5
Events Spoken At
4
Countries Visited
4
Years Speaking
5
Total Talks Given
Patrick Ventuzelo is a senior security researcher, CEO & founder of Fuzzinglabs. After working for the French Ministry of Defense, he specialized in fuzzing, vulnerability research, and reverse engineering. Over the years, Patrick has created multiple fuzzers, found hundreds of bugs, and published various blog posts/videos/tools on topics like Rust, Go, Blockchain, WebAssembly, and Browser security. Patrick is a regular speaker and trainer at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, RingZer0, PoC, ToorCon, hack.lu, NorthSec, SSTIC, and others.
Areas of Expertise
Presentation Types
Audience Types
This talk is about our journey and step-by-step process into fuzzing Ethereum 2.0 implementations software. We will start with a brief introduction to Ethereum 2.0 specification and ecosystem. Then, we will explain the architecture of this type of software and the kind of bugs we were looking for (DoS, logic/consensus bugs). We will also detail the complexity behind fuzzing 5 differents under-development software written in 5 different languages (Rust, Go, Java, Nim, JS) by 5 different teams. Finally, we will go chronologically through all the different fuzzing frameworks and techniques (dumb, coverage-guided, differential, structural) we used and why we choose them in the first place. In the end, this project leads us to find more than 30 critical bugs across all implementations.
https://web.archive.org/web/20220331161245/https://cfp.hack.lu/hacklu19/talk/CVA39H/
