I Just Gave My First Talk
As part of my mandatory university curriculum I worked as a security researcher and devloper at AVOLENS. I've already written about my experience in finding bugs and now wanted to touch on the other half of the work I did: Developing KubeFuzz.
At my time of internship, the company was mainly focused on Kubernetes and cloud security. My task twas to develop a tool to automatically test admission controller chains. We decided that a fuzzer would be a great fit.
I think the solution I came up with is quite interesting, as KubeFuzz is a network based generative and mutative grammar based fuzzer that even uses feedback from the target chain to prioritize certain inputs (support for simple instrumentation so to speak).
I won't go into the details here since I've already done this at my first ever talk at TROOPERS together with @p4ck3t0!