Fuzz Dojo.

Forum link: https://discord.com/channels/750635557666816031/1409993436328759328

Fuzzing is a powerful technique used in both academia and industry to automate software testing. It has also become the standard approach for discovering zero-day vulnerabilities. Google considers fuzzing to be their first line of defense, and has built an open source version of their fuzzing platform, known as OSS-Fuzz, to continually test popular open source software. OSS-Fuzz has been used successfully in over a thousand projects. However, due to its limitations, only about 30% of the code typically gets tested, leaving 70% unevaluated.

You will learn in this dojo how to create and improve fuzz testing drivers for real-world software. You will have access to a wide array of training materials and have the opportunity to create two new real fuzz drivers, with the option to submit your work to Google for a monetary compensation of up to $10,000. New fuzz drivers should increase the overall project code coverage, cover a wide range of API functions and data dependencies, and achieve a good speed of executions/sec.

Initial Survey https://forms.gle/FWF1iEn9pLpkRMGq9

Exit Survey https://forms.gle/uG8yik8pXFRXQHSGA

The first 30 participants to complete the module and the surveys will be rewarded with a $50 Amazon gift card upon completion of the study. Valid contact information required. Limit 1 submission per person.

The Bash (Bourne Again SHell) is required for some of these challenges. This is the default shell unless you change it.

In the interest of this study's integrity, please refrain from exploiting any bugs or vulnerabilities discovered during testing.