Advanced Fuzzing & Security Trainings

Build high-end Security Skills with courses dedicated to Software Security Audit, Vulnerability Research, Reversing and Fuzz testing.

CHOOSE YOUR NEW SKILL TO MASTER​

Rust
Go
WebAssembly
Browser
Rust
Go
WebAssembly
Browser

We offers a wide-range of advanced fuzzing/security trainings and consulting services around Rust, C/C++, Golang, WebAssembly, Browser and Blockchain security. We provide online courses and public trainings at multiple security conference.

fuzzing security python pythonfuzz courses trainings consulting training academy patrick rust webassembly wasm go ventuzelo

Online Courses

After a lot of requests from our clients, we have decided to provide most of our private training in a video-on-demand (VoD) format available fully online. If you are interested and want early access to the courses once published, please contact us, and don’t forget to provide your mail in the newsletter form below.      

DISCOVER OUR COURSES
WebAssembly Security training wasm patrick ventuzelo

Blockchain Security

We offer a wide range of fuzzing and blockchain security services on layer 1/2 blockchain built with Rust, Go, and WebAssembly. We help our clients to develop and secure their own software, including training to boost employee qualification, code audits, as well as vulnerability assessments, and custom fuzzing development.

List of services
WebAssembly Security rust training wasm patrick ventuzelo blog

Private Trainings

We offer the world’s first trainings about Web Browser fuzzing and WebAssembly security in 4 to 5 days format. We have also developed some exclusive training about Rust security and Golang security that required only 2 days. Customizations are possible for online and on-site training but need to be requested as soon as possible.                     

Learn More

Any questions about our services and trainings ?

Get in touch today with any questions that you might have.

Contact us

Exclusive online and private

Fuzzing & Security Trainings

rust security patrick ventuzelo training webassembly

Rust Security Audit and Fuzzing

This goal of this course is to give you all the prerequisites to understand which kind of vulnerability can be found inside Rust code. You will learn how to find low hanging fruits bugs manually and automatically using Rust auditing tools. Finally, you will discover how to build custom Rust fuzzerstriage/debug crashes and improve your code coverage using differents techniques.

Along this training, students will deal with a lots of hands-on exercises allowing them to internalize concepts and techniques taught in class.

COURSE OUTLINE

Day 1 - Rust Security Audit and Code Review

  • Introduction to Rust and its Ecosystem
  • Security concepts
    • Ownership, Borrowing and Lifetime
  • Rust most common vulnerabilities
    • Error handling & Unwrapping, Panicking macros, Arithmetic errors
    • Index out of bound, Stack overflow, resource exhaustion (OOM)
  • Unsafe codes
    • Tooling and Sanitizers (ASAN, MSAN, etc.)
    • Out of bound access (OOB), Use-after-free (UAF), Double free, Memory leak, Data Races and Race Conditions
  • Rust advanced vulnerabilities
    • Logic bugs, FFI, Cryptographic issues, Uninitialized & Zeroing memory
  • Attack surface discovery & Auditing tools

Day 2 - Finding Bugs automatically using Fuzzing

  • Fuzzing Introduction and Workflow
  • Coverage-guided Fuzzing in Rust
    • cargo-fuzz, afl-rs, honggfuzz-rs
  • Improve your Fuzzing Process
    • Code coverage, Corpus selection, Corpus minimization
    • Crashes Triaging and Debugging
  • Structure-aware & Grammar-based Fuzzing
  • Other Advanced Testing techniques
    • Symbolic Execution, Formal verification
    • Differential Fuzzing
    • Writing Custom Rust Fuzzers
ONLINE COURSE
REQUEST ONSITE QUOTE
web browser fuzzing vulnera bility cve research fuzz testing safari chrome chomium firefox spidermonkey v8 d8 webkit JSC javascriptcore

Practical Web Browser Fuzzing

Web Browsers are one of the most used and critical software in the world. Using millions of lines of code, they are in charge of handling, sanitizing, and interpreting all kinds of (untrusted) data coming from the web. To be honest, It’s just impossible for developers to write such complex pieces of software (involving compilers, interpreters, and parsing libraries) without introducing any bugs.

As shown in the last years, Fuzz testing is by far the most efficient and scalable testing technique to find software bugs. In this training, we will apply fuzzing to find critical vulnerabilities in different web browser implementations.

First, this course will give you all the prerequisites to understand the architecture and major components of modern web browsers. Then, you will create and set up a testing environment allowing you to easily replay, debug, minimize and analyze existing issues, CVEs, and PoCs. Over dedicated modules, you will discover and fuzz the main browser components such as DOM, JS engines, JIT compilers, WebAssembly, IPC. You will learn how to use famous tools (Domato, Dharma, Fuzzilli, Frida) and create your custom fuzzers to apply different fuzzing techniques (coverage-guided, grammar-based, in-process fuzzing) to find vulnerabilities/bugs.

A lot of hands-on exercises will allow you to internalize concepts and techniques taught in class. This course will mainly focus on Google Chrome, Firefox, and WebKit/JSC.

COURSE OUTLINE

Module 1: Introduction to Browser Fuzzing

  • Introduction to Fuzzing
  • Modern Browser Architecture & major Components
  • Setting up a Testing and Debugging environment
  • Compile and Explore famous browser codebases
  • Fuzzing Web Browsers Fundamentals
  • Improving your Fuzzing Workflow & Automation

Module 2: Fuzzing DOM & Rendering engines

  • Introduction to the Rendering engine
  • HTML/CSS/XML Parsing
  • Analysis of existing CVEs, Issues, and PoCs
  • Blink, Gecko & WebKit Fuzzing
  • DOM rendering & Implementation
  • Fuzzing DOM using Grammar-based Fuzzing

Module 3: Fuzzing JavaScript Engines & JIT Compilers

  • JavaScript Engine Internals & APIs
  • Memory management and Garbage collection
  • Analysis of existing CVEs, Issues, and PoCs
  • V8, Spidermonkey & JavaScriptCore Fuzzing
  • JIT compilers Internals
  • TurboFan and IonMonkey Fuzzing

Module 4: Fuzzing WebAssembly Compilers & APIs

  • Introduction to WebAssembly
  • VM Architecture & Implementation
  • Analysis of existing CVEs, Issues, and PoCs
  • Fuzzing WebAssembly JavaScript APIs
  • WebAssembly compilers internals
  • WebAssembly In-process Fuzzing

Module 5: Fuzzing IPC and other Components

  • Inter-Process Communication (IPC) Internals
  • Analysis of existing CVEs, Issues, and PoCs
  • Fuzzing Chrome Mojo/Legacy IPC
  • Discovery of other Components Implementation
  • Networking/Data Persistence APIs
  • Fuzzing Media and other Plugins
REQUEST ONSITE QUOTE
WebAssembly Security training wasm patrick ventuzelo

WebAssembly Security Analysis and Fuzzing

This courses will give you all the prerequisites to understand what’s a WebAssembly module and its associated virtual machine. At the end of this intensive 4 days, you will be able to reverse statically and dynamically a WebAssembly module, analyze its behavior, create detection rule and search for vulnerabilities and security issues. You will learn which security measures are implemented by the WebAssembly VM to validate and handle exceptions. Finally, you will discover how to find vulnerabilities inside WebAssembly VMs (Web-browsers, Standalone VM) using differents fuzzing techniques.

Along this training, students will deal with a lots of hands-on exercises allowing them to internalize concepts and techniques taught in class.

COURSE OUTLINE

Day 1 - WebAssembly Reversing

  • Introduction to WebAssembly
  • WebAssembly VM architecture
  • WebAssembly toolchain
  • Writing examples in C/C++/Rust/C#
  • Debugging WebAssembly module
  • WASM binary format (header, sections)
  • WebAssembly Text Format (wat/wast)
  • WebAssembly Instructions set
  • Coding with WASM Text format
  • Reversing WebAssembly module
  • CFG & CallGraph reconstruction
  • DataFlowGraph analysis
  • Browser Addons reversing

Day 2 - Real-life Modules Analysis

  • Modules Instructions analytics/metrics
  • WASM cryptominers analysis
  • Pattern detection signatures (YARA)
  • Taint Tracking
  • Dynamic Binary Instrumentation
  • Bytecode (De)-Obfuscation techniques
  • Static Single Assignment & Decompilation
  • Real-life WASM module analysis
  • Hacking WebAssembly video game

Day 3 - Wasm Modules Vulnerabilities

  • Traps & Exception handling
  • WebAssembly module vulnerabilities
  • Integer/Buffer/Heap Overflows
  • Advanced vulnerabilities (UaF, TOCTOU…)
  • CFI Hijacking
  • Emscripten vulnerabilities
  • Exploitation NodeJS server running wasm module
  • Vulnerability detection (Static & Dynamic)
  • Lifting WASM bytecode
  • Fuzzing WebAssembly modules

Day 4 - Vulnerability Research inside Wasm VM

  • Web-Browsers vulnerabilities analysis (CVEs PoC)
  • WebAssembly VM & Interpreter vulnerabilities
  • WebAssembly JS APIs generation
  • Fuzzing Web-Browsers (Chrome, Firefox, WebKit)
  • WASM module validation mechanism
  • Writing edge case module
    WAT, WAST & WASM
  • grammar generation
  • Blockchain VM targets
  • Fuzzing C/C++/Rust/Go WASM project
  • WebAssembly for Security Researcher
  • In-memory fuzzing everything using WebAssembly & Frida
ONLINE COURSE
REQUEST ONSITE QUOTE
c c++ fuzzing afl libfuzzer honggfuzz patrick ventuzelo

C/C++ WHITEBOX FUZZING

This course will teach you everything you need to know to start fuzzing C/C++ source code using different fuzzing techniques. You will learn how to use famous coverage-guided fuzzing framework (afl, libfuzzer, honggfuzz) and create custom fuzz target harnesses. Then, you will learn how to evaluate and improve your fuzzing results, debug and analyze crashes. Finally, you will discover some other more advanced testing techniques to find in-depth bugs. During the all training, you will target real-life/popular C/C++ libraries.

Along this training, students will deal with a lots of hands-on exercises allowing them to internalize concepts and techniques taught in class.

COURSE OUTLINE

  • Introduction to Fuzzing
  • Coverage-guided Fuzzing
    • afl / honggfuzz
  • Improve your Fuzzing workflow
    • Corpus/inputs selection
    • Code coverage / Corpus minimization
  • Crashes Analysis
    • Crashes minimization / Bucketing / Debugging / Root cause analysis
  • In-Memory fuzzing
    • libfuzzer / afl / honggfuzz
  • Generation-based fuzzing
    • Structure-aware
    • Grammar-based Fuzzing with dictionaries
  • Other Advanced Testing techniques
    • Symbolic Execution / Concolic Execution
    • Differential Fuzzing
ONLINE COURSE
REQUEST ONSITE QUOTE
go golang security fuzzing audit fuzz gofuzz go-fuzz

Go Security Audit and Fuzzing

This course teaches you all the prerequisites to understand which kind of vulnerability can be found inside Go code. You will learn how to find low-hanging fruits bugs manually and automatically using different Go auditing tools. You will discover how to use existing Go fuzzing coverage-guided frameworks, triage/debug crashes, and improve your code coverage. Finally, you will discover how to build custom Go fuzzers and implement advanced fuzzing techniques to find in-depth bugs on popular Go packages.

Along this training, students will deal with a lot of hands-on exercises allowing them to internalize concepts and techniques taught in class.

COURSE OUTLINE

Day 1 - Go Security Audit and Code Review

  • Introduction to Golang and its Ecosystem
  • Golang Security concepts
    • Concurrency, Garbage collector, etc.
  • Golang vulnerabilities
    • Error handling, panics, nil pointer dereference
    • Index out of bound, Stack overflow, resource exhaustion (OOM)
    • Advanced vulnerabilities
  • Attack surface discovery & Auditing tools

Day 2 - Finding Bugs automatically using Fuzzing

  • Introduction to Golang Fuzzing
  • Coverage-guided Fuzzing (go-fuzz / libfuzzer)
  • Go Fuzz testing workflow and Corpus selection
  • Code coverage, Corpus minimization
  • Crashes Triaging and Debugging
  • Other Advanced Fuzz Testing techniques
  • Differential Go Fuzzing
  • Writing Custom Go Fuzzers
ONLINE COURSE
REQUEST ONSITE QUOTE

We taught Startup & Fortune 500 companies

FREE Courses & Trainings

Enter your email and we'll send you a bundle of awesome resources. 100% free - 100% awesome.

Latest Blogposts