WinAFL Fuzzing Bootcamp (WFB)

Overview

The WinAFL Fuzzing Bootcamp (WFB) is designed for cybersecurity professionals who want to master the art of fuzz testing using the WinAFL tool. Offered by the MCSI, this bootcamp focuses on coverage-guided fuzzing techniques to identify vulnerabilities in closed-source binaries.

The bootcamp validates an individual’s ability to:

• Build and optimize fuzzing harnesses for effective testing.
• Identify and triage vulnerabilities, including stack-overflow issues.
• Utilize WinAFL to maximize fuzz testing performance.

Course Details

The WinAFL Fuzzing Bootcamp includes hands-on exercises that guide participants through the process of setting up and executing fuzz tests. Attendees will work with a test DLL specifically designed to contain a stack-overflow vulnerability.

Topics Covered:

• Introduction to fuzzing and its importance in security testing.
• Setting up WinAFL for coverage-guided fuzzing.
• Building a fuzzing harness tailored for closed-source binaries.
• Techniques for optimizing fuzzing performance and triaging discovered bugs.

Exam Structure

Participants will engage in practical assessments throughout the bootcamp to evaluate their understanding and application of fuzzing techniques.

Key Exam Requirements:

• Participation in hands-on fuzz testing exercises.
• Demonstration of harness-building skills for effective vulnerability discovery.
• Documentation of identified vulnerabilities and testing methodologies.

Who Should Take WFB?

The WinAFL Fuzzing Bootcamp is ideal for:

• Aspiring Malware Developers looking to enhance their exploitation skills.
• Penetration Testers aiming to improve their vulnerability discovery techniques.
• Red Team Specialists focused on offensive security testing methodologies.

Resources

• Bootcamp Details: WinAFL Fuzzing Bootcamp