Login
FuzzingLabs Academy/C/C++ Whitebox Fuzzing
Buy now

  • $1,300

C/C++ Whitebox Fuzzing

Learn how to use famous fuzzing framework, develop harnesses and apply different fuzzing techniques to find bugs in C/C++ source code.
🎞️ 40+ videos / ⏱️ 5+ hours / πŸ‘¨β€πŸ’» 25+ exercises
Enroll Now

What you'll learn

This course will teach you everything you need to know to start fuzzing C/C++ source code using different fuzzing techniques. You will learn how to use famous coverage-guided fuzzing frameworks (afl, libfuzzer, honggfuzz) and create custom fuzz target harnesses. Then, you will learn how to evaluate and improve your fuzzing results, debug and analyze crashes. Finally, you will discover some other more advanced testing techniques to find in-depth bugs. Along the training, you will only target real-life/popular C/C++ libraries.

Schedule

  • Introduction to Fuzzing
  • Coverage-guided Fuzzing
    • afl++ / honggfuzz
  • Improve your Fuzzing Workflow
    • Corpus/inputs selection
    • Code coverage / Corpus minimization
  • Crashes Analysis
    • Crashes minimization / Bucketing
    • Debugging / Root cause analysis
  • In-Process/Memory Fuzzing
    • Concept and particularity
    • libfuzzer / afl++ / honggfuzz
  • Generation-based Fuzzing
    • Grammar-based Fuzzing
    • Structure-aware Fuzzing
  • Advanced Testing Techniques
    • Symbolic Execution / Concolic Execution
    • Differential Fuzzing
  • Exercises

What's included?

πŸ”‘ Immediate access to all the content
⏱️ 5+ hours of curated and practical knowledge
🎞️ 40+ easy-to-digest, on-demand videos
πŸ‘¨β€πŸ’» 25+ hands-on exercises & labs
♾️ Lifetime access
πŸ“– 120+ digital and printable slides
πŸ“ Assignments to apply your new skills
πŸ’― Certificate of completion

Who should attend?

This course is for anyone who's looking for a hands-on and pragmatic approach to fuzz C/C++ code:

βœ” Software developers
βœ” Security engineers
βœ” Vulnerability researchers
βœ” Pentesters & Red team professionals

Trusted by Security Engineers at Leading Companies

What Students are Saying...

Anonymous

The best part was building the harness and understanding how to build it. Also this training simplified a lot of things where I was lost due to having a lot of information over the internet.

Anonymous

Really clean and interesting training that helps me to understand better what is fuzzing and how to apply it on my C and C++ code.

Anonymous

This training is definitely worth it, a plus will be more exercises e.g. in software like Apache web server, some ftp server, etc.

Brendan.S

Patrick is very skilled in his art. This course covers so much to get into the world of fuzzing. This course even covers how Radamsa can be used from a pentesting perspective. Highly recommend this course to anyone looking to learn more about fuzzing open source applications! 

Anonymous

This course definitely delivered what it says on the tin. I now have a reasonable overview of what's possible with fuzzing and gained on-hands experience. The complexity and depth of this topic makes it infeasible to cover everything in depth in just 2 days.  Thankfully Patrick provides a ton of links and book recommendations. I wish to learn more about selecting/generating corpora and how to practically fuzz network services in-process. The lab VM was well setup and enjoyable to use. All in all I'd recommend this course.

  • $1,300

C/C++ Whitebox Fuzzing

Learn how to use famous fuzzing framework, develop harnesses and apply different fuzzing techniques to find bugs in C/C++ source code.
🎞️ 40+ videos / ⏱️ 5+ hours / πŸ‘¨β€πŸ’» 25+ exercises
Enroll Now

What's included?

Materials

C_C++_WhiteBox_Fuzzing_v1_1.pdf
c_cplusplus_whitebox_fuzzing_training.zip
VM_access_and_credentials.md

1. Introduction to Fuzzing

Welcome & Overview
Preview
1.0 - Introduction to Fuzzing
1.1 - Mutation-based fuzzing

2. Coverage-guided Fuzzing

2.0 - Coverage-guided Fuzzing
2.1 - AFL/AFL++
2.2 - AFL/AFL++ (Labs correction)
2.3 - Honggfuzz
2.4 - Exercises
2.5 - Exercises - Solution

3. Improve your Fuzzing Workflow

3.0 - Corpus - Input collection
3.1 - Code coverage
3.2 - Corpus minimization
3.3 - Sanitizers

4. Crashes Analysis

4.0 - Crashes Triaging
4.1 - Bucketing
4.2 - Crashes minimization
4.3 - Debugging / Root cause analysis

5. In-Process Fuzzing

5.0 - In-Process Fuzzing
5.1 - Libfuzzer
5.2 - Libfuzzer (Labs correction)
5.3 - AFL++
5.4 - Honggfuzz
5.5 - Exercises
5.6 - Exercise #1 - Solution
5.7 - Exercise #2 - Solution
5.8 - Exercise #3 - Solution

6. Generation-based Fuzzing

6.0 - Grammar-based Fuzzing
6.1 - Structure-aware Fuzzing

7. Advanced Testing Techniques

7.0 - Property-based testing
7.1 - Symbolic Execution
7.2 - Concolic Testing / DSE
7.3 - Differential Fuzzing

8. Exercises

8.0 - Interesting targets
8.1 - Exercise #1
8.2 - Exercise #1 - Solution
8.3 - Exercise #2
8.4 - Exercise #2 - Solution
8.5 - Exercise #3
8.6 - Exercise #3 - Solution
8.7 - Exercise #4
8.8 - Exercise #4 - Solution

Conclusion / Thank You

Closing remarks
Provide Feedback Here

  • $1,300

C/C++ Whitebox Fuzzing

Learn how to use famous fuzzing framework, develop harnesses and apply different fuzzing techniques to find bugs in C/C++ source code.
🎞️ 40+ videos / ⏱️ 5+ hours / πŸ‘¨β€πŸ’» 25+ exercises
Enroll Now

Recognized by the Global Security Community

We speak, train, and compete at the world’s most respected security conferences.

Meet Your Instructor

Hey! πŸ‘‹ My name is Patrick and I'm the founder of FuzzingLabs, a research-oriented security company specializing in fuzzing, vulnerability research, and reverse engineering.

Over time, we found hundreds of bugs and presented our work at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, Devcon, EthCC, RingZer0, ToorCon, hack.lu, NorthSec, Microsoft DCC, etc.

You can read more about me by clicking here.
XLinked_inYoutubeWebsiteMail

FREE Resources & Trainings

Enter your email to receive special deals and a bundle of awesome resources. 100% free - 100% awesome. πŸ‘‡

You're signing up to receive emails from FuzzingLabs Academy

Frequently Asked Questions

Please, contact us here if you have any other question!

How to get access to my Fuzzing Labs courses?

FuzzingLabs is using the podia.com platform to provide the course materials.
Immediately after placing your order, you will receive an email with your login details. 

I can't or don't want to pay with Paypal or a credit card, can I still join?

Yes of course, just send me an email at fuzzinglabs@gmail.com and we will see how to make it work.

I would prefer to have an online/onsite LIVE training experience, is it possible?

We also offer all the training on this platform in a LIVE online format upon request.
Customization of on-site/online training can also be possible for small groups of attendees and depending on the timezone. Don't hesitate to contact me by mail, the popup chat, or using this form.

For how long I get access to the course?

Any courses in the FuzzingLabs Academy come with life-time access.

Will the training be updated in the future?

Courses will be updated over time and you will receive a notification email.

I'm a student, can I have a special discount?

Yes ;) Send me a message using the chat popup and we will discuss the requirement.