Skip to main content

Posts

Featured

Fuzzing with Radamsa

Today we would look at Radamsa, it is a general-purpose, black-box oriented mutating fuzzer. We would be using Radamsa, to generate multiple input files from one single standard file.
Installing Radamsa

Verifying successful installation of tool. Suppose we are fuzzing the PDF reader and we have one input file (aka corpus) and we want to generate more set of input files to feed as input to Fuzzer (E.g: - AFL) we can leverage Radamsa for this job.

Let's see how to perform above mentioned task. Kindly prepare 2 folders for input and output. Place the initial seed file in input folder (in our case its emptyX.pdf) Since we know there are different mutations supported by Radamsa. For demo purpose we would be using one of them.

Below we can see feeding the input file to Radamsa and mentioning the mutation type. Let's see the content of output directory for generated files. Also we can see below, Radamsa generated mutated files are with varying file size too.
Happy Hacking !!

Latest posts

Domain-Specific Fuzzing with Waypoints using FuzzFactory

RDP Hijacking

CloudGoatChallenges - RCE Web App

PrivExchange : One Hop away from Domain Admin

Bypassing PaloAlto Traps EDR Solution

BloodHound 2.0 walkthrough on Kali 2018

Mapping Network using Sharphound

Active Directory Attack - DCSync

Active Directory Attack - DCShadow

Machine Accounts in Pentest Engagement