Rust Security Audit and Fuzzing

Rust is a strongly typed and safe systems programming language developed by Mozilla. Over the years, it has become the language of choice to build memory-safe programs while maintaining high performance at scale. Rust is usually used for file format and protocol parsers but also on critical projects like in the new high-performance browser engine, Servo.

However, coding using memory-safe language doesn’t mean the code will be bug-free. Different kinds of rust security vulnerabilities like overflows, DoS, UaF, OOB, etc. can still be found and sometimes exploited to achieve remote code execution (RCE).

The goal of this course is to give you all the prerequisites to understand which kind of vulnerability can be found inside Rust code. You will learn how to find low-hanging fruit bugs manually and automatically using Rust security auditing tools. Finally, you will discover how to build custom Rust fuzzerstriage/debug crashes and improve your code coverage using different techniques.

Along this training, students will deal with a lot of hands-on exercises allowing them to internalize concepts and techniques taught in class.

COURSE SYLLABUS

Module 1 - Rust Audit & Code Review

  • Introduction to Rust and its Ecosystem
  • Security concepts
    • Ownership, Borrowing and Lifetime
  • Rust most common vulnerabilities
    • Error handling & Unwrapping, Panicking macros, Arithmetic errors
    • Index out of bound, Stack overflow, resource exhaustion (OOM)
  • Unsafe codes
    • Tooling and Sanitizers (ASAN, MSAN, etc.)
    • Out of bound access (OOB), Use-after-free (UAF), Double free, Memory leak, Data Races and Race Conditions
  • Rust advanced vulnerabilities
    • Logic bugs, FFI, Cryptographic issues, Uninitialized & Zeroing memory
  • Attack surface discovery & Auditing tools

Module 2 - Rust Fuzzing & Crash Analysis

  • Fuzzing Introduction and Workflow
  • Coverage-guided Fuzzing in Rust
    • cargo-fuzz, afl-rs, honggfuzz-rs
  • Improve your Fuzzing Process
    • Code coverage, Corpus selection, Corpus minimization
    • Crashes Triaging and Debugging
  • Structure-aware & Grammar-based Fuzzing
  • Other Advanced Testing techniques
    • Symbolic Execution, Formal verification
    • Differential Fuzzing
    • Writing Custom Rust Fuzzers
  • Familiarity with Linux and Rust.
  • A working laptop capable of running virtual machines
  • 4GB RAM required, at a minimum
  • 40 GB free Hard disk space
  • VirtualBox
  • Administrator/root access MANDATORY

This course is suitable for people that are new to Rust. All the theory and concepts about Rust security and Rust fuzz testing will be explained during the course.

  • Software developers
  • Security engineers
  • Vulnerability researchers
  • Bug bounty hunters
  • Pentesters & Red team professionals
  • Anyone who want to learn more about Rust security & fuzzing

Why Choose Us

"This course is pure gold. I wasted weeks looking for an alternative instead of taking this course directly. Huge mistake on my end because Patrick's slides are awesome and teach everything you need to know about for Rust security. "
Anonymous
Vulnerability researcher
"Very good practical training with focus on developing secure appswith Rust and fuzzing techniques, but also covers other testing methodologies. As a developer relatively new in Rust, I've learned a lot about general principles that should be used to develop safe applications, and various tooling built around Rust infrastructure that makes development much easier."
Alexander.K
Software developer
"Essential training covering all shorts of issues and scenarios. A well rounded training that does not leave anything uncovered. A great place to start when entering Rust space."
Georgios.D
Software engineer
"Excellent course documentation! Having videos with the instructor working through examples live, debugging issues live, starting from scratch is a game changer for beginners. Online course are significantly better than in person. Pat is knowledgeable and able to provide effective, concise, practical tips."
Deholo.N
Security engineer
"I personally have learned a lot. I have to admit that this training is more for advanced Fuzzing and Rust experts or those who want to become one. I don't have as much experience in these two topics, since I'm not a developer but a security manager. Nevertheless, I was very interested in these topic and I found the training very good! Thank you Patrick!"
Irina.K
Security manager
"Really good overview of techniques, live examples of common tools is super helpful and provides a good basis for building on knowledge gained in the training."
Anonymous
Vulnerability researcher

Any questions about our services and trainings ?

Get in touch today with any questions that you might have.