In this course, I will fuzz a JavaScript npm/nodejs library (omggif) in order to find uncaught JavaScript exceptions. I will explain how to create a fuzzing harness for this target, run the fuzzer (jsfuzz), handle expected exceptions, analyze a crash and create a minimal crashing reproducer.
Today, I will use jsfuzz to find unhandled exceptions inside a famous TypeScript library (chrono-node). This library is an ideal fuzzing target since it parses data and its APIs are simple. I will first explain which API we will fuzz, then how to create a fuzzing harness and trigger some bugs, and finally show you how to easily debug the crashes.
You will get access to the complete tutorial with source code, cheat sheet and/or complete video tutorial right below or at this address.
I hope you will appreciate it, and you can discover more about my courses here.
Thank You,