FuzzingLabs Academy/C/C++ Whitebox Fuzzing

  • $1,300

C/C++ Whitebox Fuzzing

    Learn how to use famous fuzzing framework, develop harnesses and apply different fuzzing techniques to find bugs in C/C++ source code.
    🎞️ 40+ videos / ⏱️ 5+ hours / πŸ‘¨β€πŸ’» 25+ exercises

    What you'll learn

    This course will teach you everything you need to know to start fuzzing C/C++ source code using different fuzzing techniques. You will learn how to use famous coverage-guided fuzzing frameworks (afl, libfuzzer, honggfuzz) and create custom fuzz target harnesses. Then, you will learn how to evaluate and improve your fuzzing results, debug and analyze crashes. Finally, you will discover some other more advanced testing techniques to find in-depth bugs. Along the training, you will only target real-life/popular C/C++ libraries.

    Outline

    • Introduction to Fuzzing
    • Coverage-guided Fuzzing
      • afl++ / honggfuzz
    • Improve your Fuzzing Workflow
      • Corpus/inputs selection
      • Code coverage / Corpus minimization
    • Crashes Analysis
      • Crashes minimization / Bucketing
      • Debugging / Root cause analysis
    • In-Process/Memory Fuzzing
      • Concept and particularity
      • libfuzzer / afl++ / honggfuzz
    • Generation-based Fuzzing
      • Grammar-based Fuzzing
      • Structure-aware Fuzzing
    • Advanced Testing Techniques
      • Symbolic Execution / Concolic Execution
      • Differential Fuzzing
    • Exercises

    What's included?

    πŸ”‘ Immediate access to all the content
    ⏱️ 5+ hours of curated and practical knowledge
    🎞️ 40+ easy-to-digest, on-demand videos
    πŸ‘¨β€πŸ’» 25+ hands-on exercises & labs
    ♾️ Lifetime access
    πŸ“– 120+ digital and printable slides
    πŸ“ Assignments to apply your new skills
    πŸ’― Certificate of completion

    Who should attend?

    This course is for anyone who's looking for a hands-on and pragmatic approach to fuzz C/C++ code:

    βœ” Software developers
    βœ” Security engineers
    βœ” Vulnerability researchers
    βœ” Pentesters & Red team professionals

    What Students are Saying...

    Anonymous

    The best part was building the harness and understanding how to build it. Also this training simplified a lot of things where I was lost due to having a lot of information over the internet.

    Anonymous

    Really clean and interesting training that helps me to understand better what is fuzzing and how to apply it on my C and C++ code.

    Anonymous

    This training is definitely worth it, a plus will be more exercises e.g. in software like Apache web server, some ftp server, etc.

    Brendan.S

    Patrick is very skilled in his art. This course covers so much to get into the world of fuzzing. This course even covers how Radamsa can be used from a pentesting perspective. Highly recommend this course to anyone looking to learn more about fuzzing open source applications! 

    Anonymous

    This course definitely delivered what it says on the tin. I now have a reasonable overview of what's possible with fuzzing and gained on-hands experience. The complexity and depth of this topic makes it infeasible to cover everything in depth in just 2 days.  Thankfully Patrick provides a ton of links and book recommendations. I wish to learn more about selecting/generating corpora and how to practically fuzz network services in-process. The lab VM was well setup and enjoyable to use. All in all I'd recommend this course.

    • $1,300

    C/C++ Whitebox Fuzzing

      Learn how to use famous fuzzing framework, develop harnesses and apply different fuzzing techniques to find bugs in C/C++ source code.
      🎞️ 40+ videos / ⏱️ 5+ hours / πŸ‘¨β€πŸ’» 25+ exercises

      What's included?

      Materials

      C_C++_WhiteBox_Fuzzing_v1_1.pdf
      • 5.34 MB
      c_cplusplus_whitebox_fuzzing_training.zip
      • 1.27 GB
      VM_access_and_credentials.md
      • 931 Bytes

      1. Introduction to Fuzzing

      Welcome & Overview
        Preview
        1.0 - Introduction to Fuzzing
        • 17 mins
        • 543 MB
        1.1 - Mutation-based fuzzing
        • 10 mins
        • 312 MB

        2. Coverage-guided Fuzzing

        2.0 - Coverage-guided Fuzzing
        • 4 mins
        • 104 MB
        2.1 - AFL/AFL++
        • 7 mins
        • 221 MB
        2.2 - AFL/AFL++ (Labs correction)
        • 15 mins
        • 485 MB
        2.3 - Honggfuzz
        • 16 mins
        • 503 MB
        2.4 - Exercises
        • 2 mins
        • 45.8 MB
        2.5 - Exercises - Solution
        • 16 mins
        • 513 MB

        3. Improve your Fuzzing Workflow

        3.0 - Corpus - Input collection
        • 6 mins
        • 187 MB
        3.1 - Code coverage
        • 13 mins
        • 422 MB
        3.2 - Corpus minimization
        • 9 mins
        • 289 MB
        3.3 - Sanitizers
        • 6 mins
        • 172 MB

        4. Crashes Analysis

        4.0 - Crashes Triaging
        • 4 mins
        • 113 MB
        4.1 - Bucketing
        • 11 mins
        • 355 MB
        4.2 - Crashes minimization
        • 17 mins
        • 538 MB
        4.3 - Debugging / Root cause analysis
        • 12 mins
        • 386 MB

        5. In-Process Fuzzing

        5.0 - In-Process Fuzzing
        • 5 mins
        • 159 MB
        5.1 - Libfuzzer
        • 10 mins
        • 320 MB
        5.2 - Libfuzzer (Labs correction)
        • 10 mins
        • 309 MB
        5.3 - AFL++
        • 14 mins
        • 436 MB
        5.4 - Honggfuzz
        • 9 mins
        • 268 MB
        5.5 - Exercises
        • 4 mins
        • 111 MB
        5.6 - Exercise #1 - Solution
        • 11 mins
        • 346 MB
        5.7 - Exercise #2 - Solution
        • 4 mins
        • 133 MB
        5.8 - Exercise #3 - Solution
        • 10 mins
        • 309 MB

        6. Generation-based Fuzzing

        6.0 - Grammar-based Fuzzing
        • 10 mins
        • 310 MB
        6.1 - Structure-aware Fuzzing
        • 10 mins
        • 303 MB

        7. Advanced Testing Techniques

        7.0 - Property-based testing
        • 4 mins
        • 111 MB
        7.1 - Symbolic Execution
        • 4 mins
        • 128 MB
        7.2 - Concolic Testing / DSE
        • 7 mins
        • 229 MB
        7.3 - Differential Fuzzing
        • 17 mins
        • 565 MB

        8. Exercises

        8.0 - Interesting targets
        • 5 mins
        • 153 MB
        8.1 - Exercise #1
        • 3 mins
        • 80.2 MB
        8.2 - Exercise #1 - Solution
        • 5 mins
        • 154 MB
        8.3 - Exercise #2
        • 4 mins
        • 104 MB
        8.4 - Exercise #2 - Solution
        • 6 mins
        • 168 MB
        8.5 - Exercise #3
        • 3 mins
        • 86.2 MB
        8.6 - Exercise #3 - Solution
        • 9 mins
        • 279 MB
        8.7 - Exercise #4
        • 3 mins
        • 73.5 MB
        8.8 - Exercise #4 - Solution
        • 8 mins
        • 249 MB

        Conclusion / Thank You

        Closing remarks
        • 6 mins
        • 196 MB
        Provide Feedback Here

          • $1,300

          C/C++ Whitebox Fuzzing

            Learn how to use famous fuzzing framework, develop harnesses and apply different fuzzing techniques to find bugs in C/C++ source code.
            🎞️ 40+ videos / ⏱️ 5+ hours / πŸ‘¨β€πŸ’» 25+ exercises

            Meet Your Instructor

            Hey! πŸ‘‹ My name is Patrick and I'm the founder of FuzzingLabs, a research-oriented security company specializing in fuzzing, vulnerability research, and reverse engineering.

            Over time, we found hundreds of bugs and presented our work at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, Devcon, EthCC, RingZer0, ToorCon, hack.lu, NorthSec, Microsoft DCC, etc.

            You can read more about me by clicking here.

            FREE Resources & Trainings

            Enter your email to receive special deals and a bundle of awesome resources. 100% free - 100% awesome. πŸ‘‡

            You're signing up to receive emails from FuzzingLabs Academy