Introduction to Blackbox Fuzzing: Binary-only fuzzing using AFLplusplus QEMU mode
Blogpost

In this really basic course, I will use AFL++ to fuzz an already compiled binary. I will first explain how AFL QEMU mode works and why it impacts performance. Then, we will fuzz the PDFinfo binary and we will improve the coverage by providing…

Fuzzing JavaScript npm/nodejs/code (omggif) using jsfuzz
Blogpost

In this course, I will fuzz a JavaScript npm / nodejs library (omggif) in order to find uncaught JavaScript exceptions. I will explain how to create a fuzzing harness for this target, run the fuzzer (jsfuzz), handle expected exceptions, analyze a crash and create a minimal crashing reproducer. You will get access to the complete tutorial with…

Fuzzing C/C++ program using honggfuzz
Blogpost

In this tutorial, I will show how you can start fuzzing C code and C++ programs (binutils/readelf) very easily using honggfuzz. I will first compile honggfuzz and briefly explain the main mechanism behind it. Then, I will compile the targeted program (binutils / readelf) using the honggfuzz compilers. Finally,…

Fuzzing Golang package using go-fuzz and libfuzzer
Blogpost

In this course, I will first select a popular Golang package and identify the most interesting methods to fuzz. Then, I'll explain how to use go-fuzz and libfuzzer to compile the golang fuzzing target. Finally, I'll show how to run the fuzzer. You will get access to the complete tutorial with…

Reversing Ewasm contract 101 – EthCC 2020
Blogpost

I just gave a talk/workshop today (03/2020) at EthCC 2020 (Paris – France), about reversing Ewasm (Ethereum flavored WebAssembly) smart contracts. In this talk, I briefly introduce WebAssembly concepts, Ewasm ethereum specificity and opcodes/instructions. Secondly, I show how to create Ewasm smart contracts and expose different techniques/tools…

Fuzzing npm/nodejs WebAssembly parsing library with jsfuzz
Blogpost

I asked recently on twitter what my next blogpost subject should be and voters chose this one, so here it is. In this short blogpost, I will first introduce jsfuzz, a coverage-guided JavaScript fuzzer for nodejs/npm packages. Then, I'll discuss the wasm binary parsing library I…

Fuzzing JavaScript WebAssembly APIs using Dharma/Domato (Chrome/v8)
Blogpost

First of all, Happy new hacking year everyone 😉 I got asked multiple times if fuzzing WebAssembly APIs of JavaScript engines is complicated, so here is a short tutorial using Dharma (but you can use Domato if you prefer). In this blogpost, I will first detail which WebAssembly…