C/C++ Whitebox Fuzzing

$1,300

C/C++ Whitebox Fuzzing

Learn how to use famous fuzzing framework, develop harnesses and apply different fuzzing techniques to find bugs in C/C++ source code.
🎞️ 40+ videos / ⏱️ 5+ hours / 👨‍💻 25+ exercises

Enroll Now

What you'll learn

This course will teach you everything you need to know to start fuzzing C/C++ source code using different fuzzing techniques. You will learn how to use famous coverage-guided fuzzing frameworks (afl, libfuzzer, honggfuzz) and create custom fuzz target harnesses. Then, you will learn how to evaluate and improve your fuzzing results, debug and analyze crashes. Finally, you will discover some other more advanced testing techniques to find in-depth bugs. Along the training, you will only target real-life/popular C/C++ libraries.

Schedule

Introduction to Fuzzing
Coverage-guided Fuzzing
- afl++ / honggfuzz
Improve your Fuzzing Workflow
- Corpus/inputs selection
- Code coverage / Corpus minimization
Crashes Analysis
- Crashes minimization / Bucketing
- Debugging / Root cause analysis
In-Process/Memory Fuzzing
- Concept and particularity
- libfuzzer / afl++ / honggfuzz
Generation-based Fuzzing
- Grammar-based Fuzzing
- Structure-aware Fuzzing
Advanced Testing Techniques
- Symbolic Execution / Concolic Execution
- Differential Fuzzing
Exercises

What's included?

🔑 Immediate access to all the content
⏱️ 5+ hours of curated and practical knowledge
🎞️ 40+ easy-to-digest, on-demand videos
👨‍💻 25+ hands-on exercises & labs
♾️ Lifetime access
📖 120+ digital and printable slides
📝 Assignments to apply your new skills
💯 Certificate of completion

Who should attend?

This course is for anyone who's looking for a hands-on and pragmatic approach to fuzz C/C++ code:

✔ Software developers
✔ Security engineers
✔ Vulnerability researchers
✔ Pentesters & Red team professionals

Trusted by Security Engineers at Leading Companies

What Students are Saying...

Anonymous

The best part was building the harness and understanding how to build it. Also this training simplified a lot of things where I was lost due to having a lot of information over the internet.

Anonymous

Really clean and interesting training that helps me to understand better what is fuzzing and how to apply it on my C and C++ code.

Anonymous

This training is definitely worth it, a plus will be more exercises e.g. in software like Apache web server, some ftp server, etc.

Brendan.S

Patrick is very skilled in his art. This course covers so much to get into the world of fuzzing. This course even covers how Radamsa can be used from a pentesting perspective. Highly recommend this course to anyone looking to learn more about fuzzing open source applications!

Anonymous

This course definitely delivered what it says on the tin. I now have a reasonable overview of what's possible with fuzzing and gained on-hands experience. The complexity and depth of this topic makes it infeasible to cover everything in depth in just 2 days. Thankfully Patrick provides a ton of links and book recommendations. I wish to learn more about selecting/generating corpora and how to practically fuzz network services in-process. The lab VM was well setup and enjoyable to use. All in all I'd recommend this course.

$1,300

C/C++ Whitebox Fuzzing

Enroll Now

What's included?

Materials

C_C++_WhiteBox_Fuzzing_v1_1.pdf

5.34 MB

c_cplusplus_whitebox_fuzzing_training.zip

1.27 GB

VM_access_and_credentials.md

931 Bytes

1. Introduction to Fuzzing

Welcome & Overview

Preview

1.0 - Introduction to Fuzzing

17 mins
543 MB

1.1 - Mutation-based fuzzing

10 mins
312 MB

2. Coverage-guided Fuzzing

2.0 - Coverage-guided Fuzzing

4 mins
104 MB

2.1 - AFL/AFL++

7 mins
221 MB

2.2 - AFL/AFL++ (Labs correction)

15 mins
485 MB

2.3 - Honggfuzz

16 mins
503 MB

2.4 - Exercises

2 mins
45.8 MB

2.5 - Exercises - Solution

16 mins
513 MB

3. Improve your Fuzzing Workflow

3.0 - Corpus - Input collection

6 mins
187 MB

3.1 - Code coverage

13 mins
422 MB

3.2 - Corpus minimization

9 mins
289 MB

3.3 - Sanitizers

6 mins
172 MB

4. Crashes Analysis

4.0 - Crashes Triaging

4 mins
113 MB

4.1 - Bucketing

11 mins
355 MB

4.2 - Crashes minimization

17 mins
538 MB

4.3 - Debugging / Root cause analysis

12 mins
386 MB

5. In-Process Fuzzing

5.0 - In-Process Fuzzing

5 mins
159 MB

5.1 - Libfuzzer

10 mins
320 MB

5.2 - Libfuzzer (Labs correction)

10 mins
309 MB

5.3 - AFL++

14 mins
436 MB

5.4 - Honggfuzz

9 mins
268 MB

5.5 - Exercises

4 mins
111 MB

5.6 - Exercise #1 - Solution

11 mins
346 MB

5.7 - Exercise #2 - Solution

4 mins
133 MB

5.8 - Exercise #3 - Solution

10 mins
309 MB

6. Generation-based Fuzzing

6.0 - Grammar-based Fuzzing

10 mins
310 MB

6.1 - Structure-aware Fuzzing

10 mins
303 MB

7. Advanced Testing Techniques

7.0 - Property-based testing

4 mins
111 MB

7.1 - Symbolic Execution

4 mins
128 MB

7.2 - Concolic Testing / DSE

7 mins
229 MB

7.3 - Differential Fuzzing

17 mins
565 MB

8. Exercises

8.0 - Interesting targets

5 mins
153 MB

8.1 - Exercise #1

3 mins
80.2 MB

8.2 - Exercise #1 - Solution

5 mins
154 MB

8.3 - Exercise #2

4 mins
104 MB

8.4 - Exercise #2 - Solution

6 mins
168 MB

8.5 - Exercise #3

3 mins
86.2 MB

8.6 - Exercise #3 - Solution

9 mins
279 MB

8.7 - Exercise #4

3 mins
73.5 MB

8.8 - Exercise #4 - Solution

8 mins
249 MB

Conclusion / Thank You

Closing remarks

6 mins
196 MB

Provide Feedback Here

$1,300

C/C++ Whitebox Fuzzing

Enroll Now

Recognized by the Global Security Community

We speak, train, and compete at the world’s most respected security conferences.

Meet Your Instructor

Hey! 👋 My name is Patrick and I'm the founder of FuzzingLabs, a research-oriented security company specializing in fuzzing, vulnerability research, and reverse engineering.

Over time, we found hundreds of bugs and presented our work at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, Devcon, EthCC, RingZer0, ToorCon, hack.lu, NorthSec, Microsoft DCC, etc.

You can read more about me by clicking here.

X Linked_in Youtube Website Mail

FREE Resources & Trainings

Enter your email to receive special deals and a bundle of awesome resources. 100% free - 100% awesome. 👇

Frequently Asked Questions

Please, contact us here if you have any other question!

How to get access to my Fuzzing Labs courses?

FuzzingLabs is using the podia.com platform to provide the course materials.
Immediately after placing your order, you will receive an email with your login details.

I can't or don't want to pay with Paypal or a credit card, can I still join?

Yes of course, just send me an email at fuzzinglabs@gmail.com and we will see how to make it work.

I would prefer to have an online/onsite LIVE training experience, is it possible?

We also offer all the training on this platform in a LIVE online format upon request.
Customization of on-site/online training can also be possible for small groups of attendees and depending on the timezone. Don't hesitate to contact me by mail, the popup chat, or using this form.

For how long I get access to the course?

Any courses in the FuzzingLabs Academy come with life-time access.

Will the training be updated in the future?

Courses will be updated over time and you will receive a notification email.

I'm a student, can I have a special discount?

Yes ;) Send me a message using the chat popup and we will discuss the requirement.