Browser Fuzzing Bootcamp (BF)

Overview

The Browser Fuzzing Bootcamp (BF) is designed for cybersecurity professionals who want to enhance their skills in identifying vulnerabilities within web browsers. Offered by the MCSI, this bootcamp focuses on using the Dharma fuzzer to discover security bugs in popular browsers like Google Chrome, Firefox, and Safari.

The bootcamp validates an individual’s ability to:

• Utilize advanced fuzzing techniques to uncover vulnerabilities.
• Write flexible Dharma scripts for effective fuzz testing.
• Identify various types of memory corruption bugs, including stack overflow and use-after-free vulnerabilities.

Course Details

The Browser Fuzzing Bootcamp includes hands-on exercises that cover fuzzing JavaScript and HTML engines. Participants will learn how to effectively apply fuzzing methodologies to real-world scenarios.

Topics Covered:

• Introduction to fuzzing and its importance in application security.
• Setting up and using the Dharma fuzzer.
• Writing and customizing Dharma scripts for specific testing needs.
• Techniques for discovering and exploiting memory corruption vulnerabilities.

Exam Structure

Participants will engage in practical assessments throughout the bootcamp to evaluate their understanding and application of fuzzing techniques.

Key Exam Requirements:

• Participation in hands-on fuzzing exercises.
• Demonstration of script-writing capabilities for effective testing.
• Identification and documentation of discovered vulnerabilities.

Who Should Take BF?

The Browser Fuzzing Bootcamp is ideal for:

• Aspiring Malware Developers looking to understand exploitation techniques.
• Penetration Testers aiming to improve their skills in vulnerability discovery.
• Red Team Specialists focused on offensive security testing methodologies.

Resources

• Bootcamp Details: Browser Fuzzing Bootcamp