Login
FuzzingLabs Academy/Introduction to C/C++ Fuzzing
Get access for free

  • Free

Introduction to C/C++ Fuzzing

Learn how to fuzz a C/C++ program or library using afl, libfuzzer or honggfuzz.
 📝 Cheatsheet / 🎞️ Video

Enroll Now
In this tutorial, I will show how you can start fuzzing a real C/C++ program (binutils/readelf) very easily using honggfuzz. I will first compile honggfuzz and briefly explain the main mechanism behind it. Then, I will compile the targeted program (binutils / readelf) using the honggfuzz compilers. Finally, I'll run honggfuzz and show you the easiest way to improve the fuzz when you start out.

Fuzz testing C++ code using Google Honggfuzz fuzzer

Video: Complete step-by-step tutorial
    Cheatsheet : All the commands for the tutorial
    • 1.35 KB

    WHY fuzzers MISSED this buffer-overflow in Mozilla NSS library? 🤦‍♂️ (CVE-2021-43527 explained)

    Today I will like to discuss the Mozilla NSS BigSig vulnerability found recently by @taviso from Google Project Zero. Inside its blogpost, Tavis Ormandy detailed the vulnerability and mentioned some really good points about why this bug was not found using fuzzing by OSS-fuzz. It's a really interesting case to analyze if you're writing fuzzers because there is a lot of interesting lessons to learn from it.

    Video

      Going Deeper: C/C++ Whitebox Fuzzing - Training description

      Video

        C/C++ Whitebox Fuzzing

        Learn how to use famous fuzzing framework, develop harnesses and apply different fuzzing techniques to find bugs in C/C++ source code.
        🎞️ 40+ videos / ⏱️ 5+ hours / 👨‍💻 25+ exercises
        Discover this course!

        Meet Your Instructor

        Hey! 👋 My name is Patrick and I'm the founder of FuzzingLabs, a research-oriented security company specializing in fuzzing, vulnerability research, and reverse engineering.

        Over time, we found hundreds of bugs and presented our work at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, Devcon, EthCC, RingZer0, ToorCon, hack.lu, NorthSec, Microsoft DCC, etc.

        You can read more about me by clicking here.
        XLinked_inYoutubeWebsiteMail

        FREE Resources & Trainings

        Enter your email to receive special deals and a bundle of awesome resources. 100% free - 100% awesome. 👇

        You're signing up to receive emails from FuzzingLabs Academy