Introduction to Fuzzing

Fuzz Dojo.

Important Resources:

Challenges

Locate the fuzz harnesses in a project. Run /challenge/training in Terminal to start.

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

Make a change to a fuzzing harness. Run /challenge/training in Terminal to start.

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

Repair a broken fuzzing harness. Run /challenge/training in Terminal to start.

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

Increase code coverage by selecting better initial parameters. Run /challenge/training in Terminal to start.

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

Find a function higher in the call tree that calls this function and fuzz it instead. Run /challenge/training in Terminal to start.

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

Implement a seed corpus. Run /challenge/training in Terminal to start.

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

Search for unreached code within a project and create a simple fuzz driver to increase total project code coverage. Run /challenge/training in Terminal to start.

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

OSS-Fuzz challenges simulate a clean linux setup with only the OSS-Fuzz library available. Learn how to compile a project using only OSS-Fuzz.

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

Run a code coverage report in this challenge

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

Run a Fuzz Introspector report

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

Go through the steps to add a new fuzz driver to an existing OSS-Fuzz project

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

7-Day | 30-Day | All-Time

Rank		Hacker	Badges		Score

Introduction to Fuzzing

Fuzz Dojo.

pwn.college - Getting Started

Introduction to Fuzzing

Fuzz Dojo only: Building and Running Reports

OSS Fuzz only: Building and Running Reports

Investigating a Project & Picking Functions to Fuzz

AVAHI: Understanding Existing Fuzz Drivers

AVAHI: New Fuzz Driver Creation

BZIP2: Case Study Extending 62% Static Code Coverage to 92%

cJSON: Case Study extending 27% Static Code Coverage to 70%

Submitting your fuzz driver to Google

Challenges

Locate Harnesses

Connect with SSH

Modify a Fuzzing Harness

Connect with SSH

Fix Broken Fuzzing Harness

Connect with SSH

Initial Parameters

Connect with SSH

Improve Coverage Using the Call Tree

Connect with SSH

Implement Seed Corpus

Connect with SSH

Create New Fuzz Driver

Connect with SSH

OSS-Fuzz - Build a Project

Connect with SSH

OSS-Fuzz - Code Coverage

Connect with SSH

OSS-Fuzz - Fuzz Introspector

Connect with SSH

OSS-Fuzz - Add new_fuzzer

Connect with SSH

30-Day Scoreboard:

Introduction to Fuzzing

Fuzz Dojo.

pwn.college - Getting Started

pwn.college - Getting Started