Disclaimer: I wrote this post a while ago, and definitely before I had enough knowledge to really share accurately. Feel free to read on, but there's probably a lot of bad info in this.

You're bad at fuzzing unknown binary protocols, huh? Yeah, well, me too. In fact, I've only done it once, and I had an RFC to look at, so I guess it technically wasn't an 'unknown' protocol... and it was mostly a walkthrough. So, we'll go start to finish on this in a few posts, maybe.

Pre-Requisites:

- Familiarity with debuggers, i.e. OllyDBG, Immunity
- Familiarity with:
  - Fuzzers (SPIKE, boofuzz, sulley, etc.)
  - scapy
  - Python
  - Wireshark
  - Assembly (sorta)
  - Stack Based Buffer Overflows
  - SEH Exploits
  - Virtual Machines
    - Attacker: Kali? Windows? Whatever floats your boat.
    - Victim x 2: Windows 7+

Note: If you're using Windows as the attacking machine, you don't need two victim machines.

That's probably it? Okay, so this post is a work in pr