Network Security Members Only

Network Protocol Fuzzing — boofuzz & AFL

A protocol parser is the most exposed code you own: it reads bytes off the wire from anyone who can reach the port, before any authentication runs. Fuzzing is how you find the spot where it trusts a length field it should not, or dereferences a pointer it never checked. This walks through the two families that matter — boofuzz for stateful protocols you drive over the network, and AFL++ for coverage-guided hammering of the parser itself — with real harnessing, triage, and the defences that make the bugs shallow.
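The length-field failure mode above, as an added example that is not code from the original article: a parser for a constructed TLV wire format (not a real protocol; `tlv_t`, `tlv_parse`, `tlv_count_records` and `MAX_VALUE` are names chosen here) with the two bounds a trusting parser omits, wrapped in an `LLVMFuzzerTestOneInput` entry point that AFL++ can drive through its libFuzzer-compatible driver.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed wire format for this example (not a real protocol):
 * record = [type:1][len:2, big-endian][value:len bytes], repeated to end of packet. */
#define MAX_VALUE 64

typedef struct {
    uint8_t  type;
    uint16_t len;
    uint8_t  value[MAX_VALUE];
} tlv_t;

/* Parse one record. Returns bytes consumed, or 0 for a malformed record.
 * Both checks on `len` are the ones a trusting parser omits: without the first,
 * a large len overruns out->value (out-of-bounds write); without the second, the
 * memcpy reads past the end of the packet (over-read). ASan under AFL++ flags either. */
size_t tlv_parse(const uint8_t *buf, size_t buf_len, tlv_t *out) {
    if (buf_len < 3) return 0;                        /* header must fit */
    uint16_t len = (uint16_t)((buf[1] << 8) | buf[2]);
    if (len > MAX_VALUE) return 0;                    /* write bound: destination buffer */
    if (len > buf_len - 3) return 0;                  /* read bound: packet (buf_len >= 3 here) */
    out->type = buf[0];
    out->len = len;
    memcpy(out->value, buf + 3, len);
    return 3 + (size_t)len;
}

/* Walk a packet and count well-formed records; stops at the first bad one. */
size_t tlv_count_records(const uint8_t *buf, size_t buf_len) {
    tlv_t rec;
    size_t off = 0, n = 0;
    while (off < buf_len) {
        size_t used = tlv_parse(buf + off, buf_len - off, &rec);
        if (used == 0) break;
        off += used;
        n++;
    }
    return n;
}

/* Harness entry point: build with afl-clang-fast and AFL++'s libFuzzer-compatible
 * driver, or plain clang -fsanitize=fuzzer,address. Each mutated packet goes
 * straight into the parser, so a crash maps to a parser bug, not to the harness. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    (void)tlv_count_records(data, size);
    return 0;
}
```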
