Our great sponsors
-
fuzzing
Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
so I just wanted to start to fuzz a little bit and I used libfuzzer for that. and as you can tell in this tutorial https://github.com/google/fuzzing/blob/master/tutorial/libFuzzerTutorial.md it tells you that if you leave it running like that you will get a bounty. and so I did exactly this, I followed the exact instructions listed there(I fuzzed this woff thing they mentioned) and my fuzzer said "SUMMARY: AddressSanitizer: heap-buffer-overflow" can I report that? or is this woff thing just for testing?
The github you linked already has the framework on "how" to do it. If you are looking for the newest version, if you follow the path on that github they link you back to googles repo. Just clone this repo and compile it, and you will have the latest version.