Wfuzz VS ffuf – Who is the faster web fuzzer for bug bounty? Web Security #1

Wfuzz VS ffuf – Who is the faster web fuzzer for bug bounty? Web Security #1

ByPatrick Ventuzelo

Wfuzz VS ffuf – Who is the faster web fuzzer for bug bounty? Web Security #1 In this video, I’m fuzzing a local HTTP server using the most famous and best web fuzzers wfuzz and ffuf. The goal is to give you some quick tutorials, compare the speed between them and explain why we have…

Can we find Log4Shell with Java Fuzzing? 🔥 (CVE-2021-44228 – Log4j RCE)

Can we find Log4Shell with Java Fuzzing? 🔥 (CVE-2021-44228 – Log4j RCE)

ByPatrick Ventuzelo

Can we find Log4Shell with Java Fuzzing? 🔥(CVE-2021-44228 – Log4j RCE) In this video, I’m trying to find the famous java Log4Shell RCE (CVE-2021-44228) using fuzzing. I’m targeting apache log4j2 version 2.14.1 and I’m using Jazzer, the Java fuzzer developed by Code Intelligence. I will show and give you everything to reproduce the same at…

WHY fuzzers MISSED this buffer-overflow in Mozilla NSS library? 🤦‍♂️ (CVE-2021-43527 explained)

WHY fuzzers MISSED this buffer-overflow in Mozilla NSS library? 🤦‍♂️ (CVE-2021-43527 explained)

ByPatrick Ventuzelo

Analysis of Mozilla NSS BigSig Vulnerability & Fuzzing issues(CVE-2021-43527) Today I will like to discuss the Mozilla NSS BigSig vulnerability found recently by @taviso from Google Project Zero. Inside its blogpost, Tavis Ormandy detailed the vulnerability and mentioned some really good points about why this bug was not found using fuzzing by OSS-fuzz. It’s a…

Fuzzing with Scapy: Introduction to Protocol Fuzzing (DNS & TCP packets)

Fuzzing with Scapy: Introduction to Protocol Fuzzing (DNS & TCP packets)

ByPatrick Ventuzelo

Fuzzing with Scapy: Introduction to Network Protocol Fuzzing  In this video, I’m showing how to use Scapy python for network protocol fuzzing. We will first start with a DNS python fuzzing script against dpkt python library. Finally, we will see how what a crash looks like since dpkt will generate an exception after TCP fuzzing. https://youtu.be/yrmPRYSEdg0 You will get access of…

Fuzzing Browsers DOM using FreeDom grammar-based fuzzer

Fuzzing Browsers DOM using FreeDom grammar-based fuzzer

ByPatrick Ventuzelo

Fuzzing Browsers DOM using FreeDom grammar-based fuzzer In this video, I will first explain how to download Chrome ASAN build. Then, I’ll detail what is DOM (Document Object Model) and how it is used by web browsers. I’ll use the FreeDom grammar-based fuzzer to generate some HTML files and create a simple script to process…

Fuzzing Firefox using In-process Fuzzing with Frida

Fuzzing Firefox using In-process Fuzzing with Frida

ByPatrick Ventuzelo

Fuzzing Firefox using In-process Fuzzing with Frida As asked by a lot of you, today’s blogpost is about browser security. First I will show how to download easily Firefox compiled with AddressSanitizer (ASAN). Then, I will show how to use Frida to list all modules and exports of Firefox. I will show some other interesting…

Learning Hacking & Fuzzing books ressources​

Learning Hacking & Fuzzing books ressources​

ByPatrick Ventuzelo

Top 4 books to learn about Fuzz Testing & Vulnerability Research in 2022 Today, I will like to show you my TOP 4 Hacking Books to Start learning Fuzzing and Vulnerability Research. Fuzzing: Brute Force Vulnerability Discovery – link Fuzzing for Software Security Testing and Quality Assurance – link A Bug Hunter’s Diary – link…

Introduction to JavaScript Fuzzing

Introduction to JavaScript Fuzzing

ByPatrick Ventuzelo

Introduction to JavaScript Fuzzing​ 1. JavaScript Fuzzing of npm/nodejs/code (omggif) using jsfuzz In this course, I will fuzz a JavaScript npm/nodejs library (omggif) in order to find uncaught JavaScript exceptions. I will explain how to create a fuzzing harness for this target, run the fuzzer (jsfuzz), handle expected exceptions, analyze a crash and create a…