LangSec Workshop

at IEEE Security & Privacy, Thursday May 25, 2017

LangSec Hackathon!

"Write all the parsers, get them right the first time!"

The First LangSec Hackathon in San Jose, CA

We will be holding a LangSec hackathon at the Fairmont Hotel on Wednesday May 24, the day before the workshop. You don't need to register for the workshop to take part in the Hackathon.

We will start the day with introductions from creators of Hammer and Nom parser combinators to their tools, and will also include a short training on libFuzzer, which will be used to test parsers.

The goal will be to implement as many popular protocols that need secure input handling as possible, in the [Hammer] framework of parser combinators, in any language that Hammer has bindings for, and in [Nom], the powerful Rust parser combinator library.

Check out the [Hammer Primer] for a series of video tutorials about programming with Hammer. Check out Nom's github page for examples of parsers written in Nom.

Creators of Hammer and Nom will be on site and glad to share knowledge of the tools' internals and idioms.

The conference will provide a space with suitable Wi-Fi and power access. We are currently looking for sponsors for food and caffeinated drinks.

Tutorials at the Hackathon

The hackathon will start with tutorials on the tools, delivered by their authors. We plan three tutorials:

Hackathon FAQ

Where: The Fairmont Hotel, San Jose, CA


The hackathon will be co-located with our LangSec Security & Privacy Workshop. The workshop will be held on Thursday May 25; the hackathon will be held on Wednesday May 24. Please pre-register so that we can plan for hotel space!

How to join:

Send an email with the subject of "hackathon" to sergey . This will pre-register you for the hackathon, and will allow us to send you any updates. This will also help us plan for space and time.

Do I need to register for the LangSec workshop on May 25?:

No. The workshop follows the general IEEE Security & Privacy setup, which means a non-nominal registration fee to attend the presentations. These presentations will be recorded and eventually posted to Youtube. Although we plan to sponsor a limited number of registrations (e.g., for students), you don't need to register to take part in the Hackathon.


We will offer tasks in parser implementation using

For both tools, we will have their authors attenting and giving short introductions to the tools to hackathon attendees (you).

Additionally, we will integrate Google's libFuzzer to test the parser code right at the point of check-in. This way, you will see if you got it right the first time---which we believe you will, with the right tools!