4. Fuzzing vs Brute Forcing
Aspect | Brute-Forcing (🔓) | Fuzzing (🪲)
Purpose | To guess correct data | To find vulnerabilities in software
Method | Tries every possible combination systematically | Inputs random or malformed data
Target | Authentication systems, encryption keys | Software applications, systems, protocols
5. Types of Fuzzing
BlackBox
● No Input Knowledge
● High Level Testing
● Large Target
❏ Peach Fuzzer
WhiteBox
● In Depth Knowledge
● Low Level Testing
● Specific Target
❏ KLEE, SAGE
GreyBox
● Limited Knowledge
● Balanced Testing
● Focused Broad Target
❏ AFL, ClusterFuzz
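An added example (not from the original slides) contrasting the BlackBox and GreyBox rows above on a constructed toy parser: the blackbox loop throws independent random inputs, while the greybox loop uses line coverage as its "limited knowledge" and keeps any mutant that reaches new code. All names (`parse_record`, `run_with_coverage`, `blackbox_fuzz`, `greybox_fuzz`) are hypothetical and the coverage tracing is a simplified stand-in for the instrumentation real greybox fuzzers use.

```python
import random
import sys

def parse_record(data: bytes) -> None:
    """Constructed toy target: the bug sits behind four nested byte checks."""
    if data[0] == ord("F"):
        if data[1] == ord("U"):
            if data[2] == ord("Z"):
                if data[3] == ord("Z"):
                    raise ValueError("parser bug reached")

def run_with_coverage(target, data):
    """Run target(data); return (executed line numbers, crashed flag)."""
    lines, crashed = set(), False
    def tracer(frame, event, arg):
        if event == "line":
            lines.add(frame.f_lineno)
        return tracer
    sys.settrace(tracer)
    try:
        target(data)
    except ValueError:
        crashed = True
    finally:
        sys.settrace(None)
    return lines, crashed

def blackbox_fuzz(target, budget, seed=0):
    """No feedback: independent random 4-byte inputs. Returns runs until crash, or None."""
    rng = random.Random(seed)
    for i in range(1, budget + 1):
        if run_with_coverage(target, bytes(rng.randrange(256) for _ in range(4)))[1]:
            return i
    return None

def greybox_fuzz(target, budget, seed=0):
    """Coverage feedback: keep mutants that reach new lines and mutate those further."""
    rng = random.Random(seed)
    corpus = [b"\x00" * 4]
    seen = run_with_coverage(target, corpus[0])[0]
    for i in range(1, budget + 1):
        buf = bytearray(rng.choice(corpus))
        buf[rng.randrange(len(buf))] = rng.randrange(256)  # one-byte mutation
        lines, crashed = run_with_coverage(target, bytes(buf))
        if crashed:
            return i
        if not lines <= seen:  # new coverage: promote the input to the corpus
            seen |= lines
            corpus.append(bytes(buf))
    return None
```

Blind 4-byte inputs hit the bug with probability 1 in 2^32 per run, whereas the coverage-guided loop solves one byte check at a time and needs on the order of ten thousand runs.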
7. Enough Talk, Show me some Action !!
https://github.com/AFLplusplus/AFLplusplus/blob/stable/docs/INSTALL.md
https://github.com/mykter/afl-training
https://github.com/antonio-morales/Fuzzing101
8. Where Do I use This Knowledge?
Webapps
● Web form
● API
● Authentication
❏ ZAP
❏ WFuzz
Binary
● System Tools
● Libraries
● Firmware
● Device Drivers
❏ AFL
❏ LibFuzzer
Network
● TCP / IP
● L7 Protocols
● Communication
❏ Scapy
❏ Sulley
Generic
● Utility
● Scripts
● Backend Services
❏ Peach
❏ Atheris
❏ go-fuzz
9. Real World Applications
01 Microsoft SDLC
● CVE-2020-0601 (Windows CryptoAPI)
● CVE-2019-0803 (Windows)
● CVE-2018-8174 (Internet Explorer)
02 Google OSS-Fuzz
● 36,000+ bugs
● CVE-2016-5172 (Chrome)
● CVE-2017-3731 (OpenSSL)
● CVE-2018-20225 (LibreOffice)
03 Independent Research
● Heartbleed (CVE-2014-0160)
● Shellshock (CVE-2014-6271)
● BlueKeep (CVE-2019-0708)
● Linux Kernel (CVE-2014-0196)