Go Fuzzing and Crash Analysis

Learn how to use Golang fuzzers, develop harnesses and apply different fuzzing techniques to find bugs.

What you'll learn?

In this course, you will discover how to use existing Go fuzzing coverage-guided frameworks, triage/debug crashes, and improve your code coverage. Finally, you will discover how to build custom Go fuzzers and implement advanced fuzzing techniques to find in-depth bugs on popular Go packages.

Along with this training, students will deal with a lot of hands-on exercises allowing them to internalize concepts and techniques taught in class.

Introduction to Fuzzing
Coverage-guided Fuzzing
- go-fuzz / libfuzzer
Go Fuzz testing workflow and Corpus selection
Code coverage, Corpus minimization
Crashes Triaging and Debugging
Other Advanced Fuzz Testing techniques
Differential Go Fuzzing
Writing Custom Go Fuzzers

$2,400

Go Security Audit and Fuzzing

Bundle
3 Products

Learn which kind of security vulnerabilities/bugs can be found inside Go code, how to detect them statically and automatically using fuzzing techniques. 🎞️ 90 videos / ⏱️ 7.5 hours / 👨‍💻 25+ exercises

Buy now Learn more

What's included?

Welcome & Summary

Welcome & Overview

Preview

Summary

Preview

Materials

Day2_Go_Security_Fuzzing_And_Crash_Analysis_v1_0.pdf

Day2_Go_Security_Fuzzing_And_Crash_Analysis_v1_1.pdf

go_security_day_2.zip

1. Introduction to Fuzzing

1.0 - Introduction to fuzzing

2. Coverage-guided Fuzzing

2.0 - Coverage guided fuzzing

2.1 - Go-fuzz

2.2 - Go-fuzz: labs

2.3 - libfuzzer + labs

2.4 - testing/fuzz + labs

2.5 - Who is the best fuzzer

2.6 - Exercises

2.7 - Exercise 1: Correction

2.8 - Exercise 2: Correction

2.9 - Exercise 3: Correction

3. Fuzzing workflow

3.0 - Corpus selection

3.1 - Code coverage

3.2 - Corpus minimization

4. Crashes Analysis

4.0 - Crashes analysis

4.1 - Bucketing

4.2 - Crashes minimization

4.3 - Debugging / RCA

5. Generation-based fuzzing

5.0 - Grammar based fuzzing

5.1 - Structure aware fuzzing

5.2 - Exercises

5.3 - Exercise 1: Correction

5.4 - Exercise 2: Correction

6. Advanced testing techniques

6.0 - Property based testing

6.1 - Concolic testing

6.2 - Differential fuzzing

6.3 - Exercises

6.4 - Exercise 1: Correction

6.5 - Exercise 2: Correction

6.6 - Custom fuzzers

7. Exercises

7.0 - Interesting targets

7.1 - Exercise 1

7.2 - Exercise 1: Correction

7.3 - Exercise 2

7.4 - Exercise 2: Correction

7.5 - Exercise 3

7.6 - Exercise 3: Correction

7.7 - Exercise 4

7.8 - Exercise 4: Correction

7.9 - Exercise 5

7.10 - Exercise 5: Correction

7.11 - Exercise 6

7.12 - Exercise 6: Correction

7.13 - Exercise 7

7.14 - Exercise 7: Correction

7.15 - Other exercises

Conclusion / Thank You

8.0 - Closing remarks

Give me your feedback!

$2,400

Go Security Audit and Fuzzing

Bundle
3 Products

Buy now Learn more

Meet Your Instructor

Hey! 👋 My name is Patrick and I'm the founder of FuzzingLabs, a research-oriented security company specializing in fuzzing, vulnerability research, and reverse engineering.

Over time, we found hundreds of bugs and presented our work at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, Devcon, EthCC, RingZer0, ToorCon, hack.lu, NorthSec, Microsoft DCC, etc.

You can read more about me by clicking here.

X Linked_in Youtube Website Mail

FREE Resources & Trainings

Enter your email to receive special deals and a bundle of awesome resources. 100% free - 100% awesome. 👇