
PoC 2022 – Practical Browser Fuzzing On-site Training

POC 2022 – Training Announcement: Practical Web Browser Fuzzing Training. Kickstart your journey into the intricate world of web browser fuzzing at PoC 2022! This exclusive training, led by expert Patrick Ventuzelo, is your opportunity to master advanced fuzzing techniques and uncover vulnerabilities in some of the most widely used software globally. Overview: Web browsers are…


Top 5 Best Fuzzing & Vulnerability Research TIPS/ADVICE

Today I’m giving you my top 5 best tips and advice if you’re starting with fuzzing and vulnerability research. I hope you will appreciate them, and you can discover more about my courses here. Thank you, Patrick Ventuzelo / @Pat_Ventuzelo


Wfuzz VS ffuf – Who is the faster web fuzzer for bug bounty? Web Security #1

In this video, I’m fuzzing a local HTTP server using the most famous and best web fuzzers, wfuzz and ffuf. The goal is to give you some quick tutorials, compare the speed between them and explain why we have…


Can we find Log4Shell with Java Fuzzing? 🔥 (CVE-2021-44228 – Log4j RCE)

In this video, I’m trying to find the famous Java Log4Shell RCE (CVE-2021-44228) using fuzzing. I’m targeting Apache Log4j2 version 2.14.1 and I’m using Jazzer, the Java fuzzer developed by Code Intelligence. I will show and give you everything to reproduce the same at…


WHY fuzzers MISSED this buffer-overflow in Mozilla NSS library? 🤦‍♂️ (CVE-2021-43527 explained)

Analysis of Mozilla NSS BigSig Vulnerability & Fuzzing Issues (CVE-2021-43527). Today I would like to discuss the Mozilla NSS BigSig vulnerability found recently by @taviso from Google Project Zero. In his blog post, Tavis Ormandy detailed the vulnerability and mentioned some really good points about why this bug was not found using fuzzing by OSS-Fuzz. It’s a…


Fuzzing with Scapy: Introduction to Protocol Fuzzing (DNS & TCP packets)

Fuzzing with Scapy: Introduction to Network Protocol Fuzzing. In this video, I’m showing how to use Scapy in Python for network protocol fuzzing. We will first start with a DNS fuzzing script in Python against the dpkt Python library. Finally, we will see what a crash looks like, since dpkt will generate an exception after TCP fuzzing. https://youtu.be/yrmPRYSEdg0 You will get access of…


Fuzzing Browsers DOM using FreeDom grammar-based fuzzer

In this video, I will first explain how to download a Chrome ASAN build. Then, I’ll detail what the DOM (Document Object Model) is and how it is used by web browsers. I’ll use the FreeDom grammar-based fuzzer to generate some HTML files and create a simple script to process…


Fuzzing Firefox using In-process Fuzzing with Frida

As asked by a lot of you, today’s blog post is about browser security. First, I will show how to easily download Firefox compiled with AddressSanitizer (ASAN). Then, I will show how to use Frida to list all modules and exports of Firefox. I will show some other interesting…


Learning Hacking & Fuzzing books resources

Top 4 books to learn about Fuzz Testing & Vulnerability Research in 2022. Today, I would like to show you my TOP 4 Hacking Books to start learning Fuzzing and Vulnerability Research. Fuzzing: Brute Force Vulnerability Discovery – link; Fuzzing for Software Security Testing and Quality Assurance – link; A Bug Hunter’s Diary – link…