Introduction to Fuzzing Python code

1. Fuzzing Python code using pythonfuzz

In this first course, I will select a popular Python package (pyasn1) and find some interesting methods to fuzz. Then, I’ll explains how to create a pythonfuzz fuzzing target and how to customize it. Finally, I’ll show how to run the fuzzer and explain some particularity of pythonfuzz.

2. Fuzzing Python code using Atheris

In this second course, I will fuzz the famous beautifulsoup4 library in order to find uncaught Python exception. I will explain how to create a fuzzing harness using the Atheris fuzzer. Then, I will run it and show you how to replay when you trigger a crash.

3. Differential Fuzzing to find logic bugs

In this course, we will target 2 different Python email validation  packages. We will develop a simple differential fuzzer to find any implementation/behavior differences. This technique will help us to find logic bugs easily by detecting incorrectness in target’s results.

4. How I found 2 BUGS in the "TOP 3 Most Downloaded" PyPI package with Google's Atheris Fuzzer

In this video, I will show you how I found at least 2 BUGS inside idna, the TOP 3 Monthly Most downloaded PyPI package. I will show you how to develop some compatible fuzzers for Google’s Atheris fuzzer and how to run them. Finally, I will explain how to improve your fuzzing process and how to debug when python unhandled exceptions crashes are triggered.

You will get access of the complete tutorials with source codes, cheatsheets and or complete videos tutorial right below or at this address.

Complete video tutorial

I hope you will appreciate and you can discover more about my courses here.

Thank You,

Patrick Ventuzelo / @Pat_Ventuzelo

Twitter Linkedin-in Github

FREE Courses & Training

Enter your email and we'll send you a bundle of awesome resources. 100% free - 100% awesome.

Any questions about our services and trainings ?

Get in touch today with any questions that you might have.

Contact us