Is it possible to craft exploits for non-open source C/C++ software without fuzzing?

Imagine that I wanted to find a vulnerability in a program that is used by a lot of people in order to exploit it.

The program is open source and is written in C/C++. Would this even be possible (fuzzing excluded), as Google tells me that it is not possible to reverse engineer a C/C++ .exe file back to source code, and that you only get assembly?

Can I craft exploits based on assembly alone? It would make me really sad if this is not possible.

Fuzzing with a Quantum computer?

Are there any projects, solutions, or ideas where it is possible to fuzz software:

https://en.wikipedia.org/wiki/Fuzzing

using quantum computers, quantum programming?

https://en.wikipedia.org/wiki/Quantum_computing

https://en.wikipedia.org/wiki/Quantum_programming

or is this combination not yet possible?

Just thinking that in theory, with a quantum computer, you can check all possible states of a software (checking all possible inputs in a very short time).

What’s a good fuzzing framework for fuzzing a local standalone GUI / network application / Browser?

I am not a newbie at exploit development, but I would like to have a solid, useful fuzzing framework instead of trying every fuzzer to see if it works. I have a list of fuzzing frameworks which I would use in certain cases.

  * WinAFL, ALF > file format / GUI with reversing (specific target function)
  * Peach, Boofuzz > network protocol

Which fuzzer would you recommend for GUI apps (except web apps) / browsers (Tor, IE, Edge, Chrome, Chromium)?

I didn’t list Spike because having to use Wireshark to find the crash makes it not useful.

Fuzzing of GUI-based Windows applications

I have been looking for some options to fuzz a Windows-based GUI application. I have an application binary (exe) which has some GUI forms; first it asks for login and demands a username and password in boxes (usual GUI stuff), and then it takes some other inputs after login. I want to fuzz all these inputs. However, I only have experience with CLI-based applications that take arguments, which I replace while fuzzing with fuzzer input (afl-fuzz, honggfuzz, libFuzzer, etc.).

I have searched about GUI fuzzing and found the options below, which I am looking into for this project:

  1. WinAFL (it demands that the target function meet some constraints, taking file input and processing it, etc.)
  2. CERT BFF
  3. SharpFuzz (as the language of the test application is C#)
  4. Honggfuzz (I am not finding enough documentation on it)

Is there any better way besides these options, and what is the optimal way to fuzz a GUI-based binary?

Fuzzing of Mobile Applications

I have used AFL recently for fuzzing OpenSSL and it worked great. Now I am interested in fuzzing mobile applications; I have got some apk and ipa files which I need to fuzz.

I searched on the internet and found out about afl-android, ios-afl, etc. However, they have a smaller community, I guess (I might be wrong here), as I haven’t found enough documentation or blogs on their usage.

Are there any other mobile application fuzzers which work on a black-box mechanism, as I am mostly dealing with apks?