Introduction to Blackbox Fuzzing

1. Binary-only Fuzzing using AFL++ QEMU mode

In this really basic course, I will use AFL++ to fuzz an already compiled binary. I will first explain how AFL++ QEMU mode works and why it impacts performance. Then, we will fuzz the pdfinfo binary and improve the coverage by adding more PDF files to the corpus.

2. Honggfuzz QEMU-mode & Hardware-based coverage

In this video, I will use both honggfuzz QEMU mode and honggfuzz hardware-based coverage to fuzz a compiled binary. I will explain how those modes work, fuzz the pdfinfo binary with QEMU mode, and then fuzz it with hardware-based coverage mechanisms.

3. AFL/AFL++ vs. Honggfuzz, who is the best?

In this video, I discuss why AFL/AFL++ is better than Honggfuzz for blackbox fuzzing. We will go through some Google FuzzBench results and see which other AFL++ modes can be used for fuzzing binary-only targets.

4. Binary-only fuzzing using AFL++ FRIDA mode

In this video, I will use both honggfuzz QEMU mode and honggfuzz hardware-based coverage to fuzz a compiled binary. I will explain how those modes work, fuzz the pdfinfo binary with QEMU mode, and then fuzz it with hardware-based coverage mechanisms.

5. E9AFL - How to Fuzz Binaries w/o Recompilation using Static Binary Rewriting?

In this video, I will explore a new tool called E9AFL. E9AFL allows us to insert the AFL instrumentation without recompilation via static binary rewriting. I will show you how to install this tool and how to use it. Finally, I will compare the results and performance against AFL++ QEMU mode.

6. How to generate millions of files using Grammar-based fuzzing (FormatFuzzer)

In this video, I test a new grammar-based fuzzer named FormatFuzzer. This fuzzer leverages 010 Editor templates to generate valid or pseudo-valid files. The tool is really nice, easy to use, and allows you to create a corpus of millions of interesting files.

You can access the complete tutorial, with source code, cheat sheet and/or complete video tutorial, right below or at this address.

I hope you will enjoy it; you can discover more about my courses here.

Thank You,

Patrick Ventuzelo / @Pat_Ventuzelo
