C/C++ WHITEBOX FUZZING
This course will teach you everything you need to know to start fuzzing C/C++ source code using different fuzzing techniques. You will learn how to use famous coverage-guided fuzzing framework (afl, libfuzzer, honggfuzz) and create custom fuzz target harnesses. Then, you will learn how to evaluate and improve your fuzzing results, debug and analyze crashes. Finally, you will discover some other more advanced testing techniques to find in-depth bugs. During the all training, you will only target real-life/popular C/C++ libraries.
Topics Covered during this Course
- Introduction to Fuzzing
- Coverage-guided Fuzzing
- afl / honggfuzz
- Improve your Fuzzing workflow
- Corpus/inputs selection
- Code coverage / Corpus minimization
- Crashes Analysis
- Crashes minimization / Bucketing / Debugging / Root cause analysis
- In-Memory fuzzing
- libfuzzer / afl / honggfuzz
- Generation-based fuzzing
- Structure-aware
- Grammar-based Fuzzing with dictionaries
- Other Advanced Testing techniques
- Symbolic Execution / Concolic Execution
- Differential Fuzzing
CLASS REQUIREMENTS
Participants should have some basis with the C/C++ language and Linux. This course is suitable for people that are new to C/C++.
Hardware Requirements
A working laptop capable of running virtual machines. 4GB RAM required, at a minimum. 40 GB free Hard disk space. Minimum software to install Virtualbox or VMware Player, VMware Workstation, VMware Fusion.