Fuzz Dojo.

Forum link: https://discord.com/channels/750635557666816031/1409993436328759328

• Dec 5, 2025 update: 20 individuals have completed the study, and 10 gift cards ($50) are still available.

Fuzzing is a powerful automated technique that feeds a program many unexpected or malformed inputs and monitors it for crashes, hangs, or other anomalous behavior. The Fuzz Dojo is a training program developed by an ASU PhD student to help you design and implement fuzz drivers via an online platform that streamlines the process. This program is part of a research study examining the effectiveness of these teaching tools. You’ll also gain hands-on experience with OSS-Fuzz, Google’s large-scale continuous fuzzing infrastructure for open-source software, giving you direct insight into real-world bug-finding workflows. OSS-Fuzz has been used successfully in over a thousand projects. However, due to its limitations, only about 30% of the code is typically tested, leaving 70% unevaluated, which presents a significant opportunity for improvement.

The Dojo is built around 11 optional training challenges designed to help you become comfortable with the platform and fuzz-driver workflow. While these are optional, they’re strongly recommended. You should be comfortable reading and navigating C++ code. You’ll be assigned two open-source projects (roughly 1,500 to 22,000 LOC) and will search their codebases for suitable functions to fuzz and build fuzz drivers around. New fuzz drivers should increase the overall project code coverage by 5% or more. You also have the option to submit your work to Google for a monetary compensation of up to $10,000, as described in the training slides.

This is a programming challenge. Fuzz drivers for these real-world challenges are typically between 30 to 200 LOC. The Real-World Fuzzing module consists of four challenges:

• 2 practice tasks (with full coding solutions included in the training slides)
• 2 real-world-style tasks where you’ll write new fuzz drivers

The first 30 participants to will be rewarded with a $50 Amazon gift card upon completion of the study. Valid contact information required. Limit 1 submission per person.

Minimum requirements for the $50 award are:

1. Consent Form Challenge
2. Initial Survey - https://forms.gle/FWF1iEn9pLpkRMGq9
3. Completion of all (4) Real-World Fuzzing Challenges (2 demo, 2 real)
4. Exit Survey https://forms.gle/uG8yik8pXFRXQHSGA

To see how many people have completed the study, open the "Real World Fuzzing" module below and check on the "All-Time" scoreboard how many people have a score of 4.

In the interest of this study's integrity, please refrain from exploiting any bugs or vulnerabilities discovered during testing.