Advanced Security & Fuzzing Trainings

Build high-end Security Skills with courses dedicated to Software Security Audit, Vulnerability Research, Reversing and Fuzz testing.

CHOOSE YOUR NEW SKILL TO MASTER​

Choose your favorite learning format!

  • Live Onsite training

    Training will be given onsite at your office allowing direct and physical interaction with the attendees.

  • Live Online training

    Security training will be given online during live Zoom or Google meet sessions allowing direct and real-time interaction with the attendees.

  • On-Demand Video

    Videos on-demand (VoD) of the training will be accessible on a dedicated platform allowing participants to follow at their own pace and at any time corresponding to their schedule.

  • Mixed format

    This format is basically a mixed of the live online training and the offline VoDs format. Attendees will get access to the video recording and after some time (like one month), some live Q&A session will be defined.

fuzzinglabs training course online patrick ventuzelo interface

Trusted by Companies of All Sizes

fuzzinglabs client coinbase google amazon google Meta amazon fastly wasmer shopify Ethereum foundation web3 foundation starkware Halborn coinbase Apple parity technologie Aleo sigmaprime Lambdaclass trailofbits Bishop Fox

Exclusive online and private

Fuzzing & Security Trainings

Rust is a strongly typed and safe systems programming language developed by Mozilla. Over the years, it has become the language of choice to build memory-safe programs while maintaining high performance at scale. Rust is usually used for file format and protocol parsers but also on critical projects like in the new high-performance browser engine, Servo.

However, coding using memory-safe language doesn’t mean the code will be bug-free. Different kinds of rust security vulnerabilities like overflows, DoS, UaF, OOB, etc. can still be found and sometimes exploited to achieve remote code execution (RCE).

The goal of this course is to give you all the prerequisites to understand which kind of vulnerability can be found inside Rust code. You will learn how to find low-hanging fruit bugs manually and automatically using Rust security auditing tools. Finally, you will discover how to build custom Rust fuzzerstriage/debug crashes and improve your code coverage using different techniques.

Along this training, students will deal with a lot of hands-on exercises allowing them to internalize concepts and techniques taught in class.

COURSE SYLLABUS

Module 1 - Rust Audit & Code Review

  • Introduction to Rust and its Ecosystem
  • Security concepts
    • Ownership, Borrowing and Lifetime
  • Rust most common vulnerabilities
    • Error handling & Unwrapping, Panicking macros, Arithmetic errors
    • Index out of bound, Stack overflow, resource exhaustion (OOM)
  • Unsafe codes
    • Tooling and Sanitizers (ASAN, MSAN, etc.)
    • Out of bound access (OOB), Use-after-free (UAF), Double free, Memory leak, Data Races and Race Conditions
  • Rust advanced vulnerabilities
    • Logic bugs, FFI, Cryptographic issues, Uninitialized & Zeroing memory
  • Attack surface discovery & Auditing tools

Module 2 - Rust Fuzzing & Crash Analysis

  • Fuzzing Introduction and Workflow
  • Coverage-guided Fuzzing in Rust
    • cargo-fuzz, afl-rs, honggfuzz-rs
  • Improve your Fuzzing Process
    • Code coverage, Corpus selection, Corpus minimization
    • Crashes Triaging and Debugging
  • Structure-aware & Grammar-based Fuzzing
  • Other Advanced Testing techniques
    • Symbolic Execution, Formal verification
    • Differential Fuzzing
    • Writing Custom Rust Fuzzers
  • Familiarity with Linux and Rust.
  • A working laptop capable of running virtual machines
  • 4GB RAM required, at a minimum
  • 40 GB free Hard disk space
  • VirtualBox
  • Administrator/root access MANDATORY

This course is suitable for people that are new to Rust. All the theory and concepts about Rust security and Rust fuzz testing will be explained during the course.

  • Software developers
  • Security engineers
  • Vulnerability researchers
  • Bug bounty hunters
  • Pentesters & Red team professionals
  • Anyone who want to learn more about Rust security & fuzzing

Web Browsers are one of the most used and critical software in the world. Using millions of lines of code, they are in charge of handling, sanitizing, and interpreting all kinds of (untrusted) data coming from the web. To be honest, It’s just impossible for developers to write such complex pieces of software (involving compilers, interpreters, and parsing libraries) without introducing any bugs.

As shown in the last years, Fuzz testing is by far the most efficient and scalable testing technique to find software bugs. In this training, we will apply fuzzing to find critical vulnerabilities in different web browser implementations.

First, this course will give you all the prerequisites to understand the architecture and major components of modern web browsers. Then, you will create and set up a testing environment allowing you to easily replay, debug, minimize and analyze existing issues, CVEs, and PoCs. Over dedicated modules, you will discover and fuzz the main browser components such as DOM, JS engines, JIT compilers, WebAssembly, IPC. You will learn how to use famous tools (Domato, Dharma, Fuzzilli, Frida) and create your custom fuzzers to apply different fuzzing techniques (coverage-guided, grammar-based, in-process fuzzing) to find vulnerabilities/bugs.

A lot of hands-on exercises will allow you to internalize concepts and techniques taught in class. This course will mainly focus on Google Chrome, Firefox, and WebKit/JSC.

COURSE OBJECTIVES

  • Discover the architecture and components of modern web browsers.
  • Learn how to create a testing environment for browser fuzzing.
  • Analyze existing CVEs, issues, and PoCs to learn from other researchers.
  • Discover how to use and customize the most famous browser fuzzing tools.
  • Learn how to replay, minimize and analyze crashes.
  • Learn how to apply different fuzzing techniques against browser components.
  • Familiarity with scripting (Python, Bash) and Linux.
  • Familiarity with C/C++ and JavaScript.
  • A working laptop capable of running virtual machines
  • 8GB RAM required, at a minimum
  • 80 GB free Hard disk space
  • VirtualBox
  • Administrator/root access MANDATORY
  • Security engineers
  • Vulnerability researchers
  • Bug bounty hunters
  • Anyone who want to learn more about browser internals and fuzzing

COURSE SYLLABUS

Module 1: Introduction to Browser Fuzzing

  • Introduction to Fuzzing
  • Modern Browser Architecture & major Components
  • Setting up a Testing and Debugging environment
  • Compile and Explore famous browser codebases
  • Fuzzing Web Browsers Fundamentals
  • Improving your Fuzzing Workflow & Automation

Module 2: Fuzzing DOM & Rendering engines

  • Introduction to the Rendering engine
  • HTML/CSS/XML Parsing
  • Analysis of existing CVEs, Issues, and PoCs
  • Blink, Gecko & WebKit Fuzzing
  • DOM rendering & Implementation
  • Fuzzing DOM using Grammar-based Fuzzing

Module 3: Fuzzing JavaScript Engines & JIT Compilers

  • JavaScript Engine Internals & APIs
  • Memory management and Garbage collection
  • Analysis of existing CVEs, Issues, and PoCs
  • V8, Spidermonkey & JavaScriptCore Fuzzing
  • JIT compilers Internals
  • TurboFan and IonMonkey Fuzzing

Module 4: Fuzzing WebAssembly Compilers & APIs

  • Introduction to WebAssembly
  • VM Architecture & Implementation
  • Analysis of existing CVEs, Issues, and PoCs
  • Fuzzing WebAssembly JavaScript APIs
  • WebAssembly compilers internals
  • WebAssembly In-process Fuzzing

Module 5: Fuzzing IPC and other Components

  • Inter-Process Communication (IPC) Internals
  • Analysis of existing CVEs, Issues, and PoCs
  • Fuzzing Chrome Mojo/Legacy IPC
  • Discovery of other Components Implementation
  • Networking/Data Persistence APIs
  • Fuzzing Media and other Plugins

This courses will give you all the prerequisites to understand what’s a WebAssembly module and its associated virtual machine. At the end of this intensive 4 days, you will be able to reverse statically and dynamically a WebAssembly module, analyze its behavior, create detection rule and search for vulnerabilities and security issues. You will learn which security measures are implemented by the WebAssembly VM to validate and handle exceptions. Finally, you will discover how to find vulnerabilities inside WebAssembly VMs (Web-browsers, Standalone VM) using differents fuzzing techniques.

Along this training, students will deal with a lots of hands-on exercises allowing them to internalize concepts and techniques taught in class.

COURSE SYLLABUS​​

Module 1 - WebAssembly Reverse Engineering

  • Introduction to WebAssembly ecosystem
  • WebAssembly compilation and toolchain
  • Instructions set and Debugging WebAssembly module
  • WebAssembly binary and Text Format
  • WebAssembly Module reversing
  • CFG & Call Graph reconstruction
  • Data Flow Graph analysis

Module 2 - Advanced WebAssembly Modules Analysis

  • Modules Instructions analytics/metrics
  • Cryptominers analysis and Pattern detection signatures
  • Dynamic Binary Instrumentation (DBI)
  • Bytecode (De)-Obfuscation techniques
  • Static Single Assignment (SSA) & Decompilation
  • Hacking WebAssembly video game

COURSE OBJECTIVES

  • Learn what is WebAssembly and what’s inside a WebAssembly module.
  • Discover the architecture of the WebAssembly virtual machine.
  • Learn how to analyze statically and dynamically real-life wasm modules.
  • Discover how to hack video games running on your browsers using WebAssembly.
  • Basic reverse engineering skills.
  • Familiarity with scripting (Python, Bash).
  • SKILL LEVEL: BEGINNER / INTERMEDIATE
  • A working laptop capable of running virtual machines
  • 4GB RAM required, at a minimum
  • 40 GB free Hard disk space
  • VirtualBox
  • Administrator / root access MANDATORY
  • IDA Pro would be helpful but not required

This course is suitable for people that are new to WebAssembly. All the theory and concepts about WebAssembly reversing will be explained during the course.

  • Software developers
  • Security engineers
  • Vulnerability researchers
  • Bug bounty hunters
  • Pentesters & Red team professionals
  • Anyone who want to learn more about C/C++ fuzzing

This course will teach you everything you need to know to start fuzzing C/C++ source code using different fuzzing techniques. You will learn how to use famous coverage-guided fuzzing framework (afl, libfuzzer, honggfuzz) and create custom fuzz target harnesses. Then, you will learn how to evaluate and improve your fuzzing results, debug and analyze crashes. Finally, you will discover some other more advanced testing techniques to find in-depth bugs. During the all training, you will target real-life/popular C/C++ libraries.

Along this training, students will deal with a lots of hands-on exercises allowing them to internalize concepts and techniques taught in class.

COURSE SYLLABUS​

  • Introduction to Fuzzing
  • Coverage-guided Fuzzing
    • afl / honggfuzz
  • Improve your Fuzzing workflow
    • Corpus/inputs selection
    • Code coverage / Corpus minimization
  • Crashes Analysis
    • Crashes minimization / Bucketing / Debugging / Root cause analysis
  • In-Memory fuzzing
    • libfuzzer / afl / honggfuzz
  • Generation-based fuzzing
    • Structure-aware
    • Grammar-based Fuzzing with dictionaries
  • Other Advanced Testing techniques
    • Symbolic Execution / Concolic Execution
    • Differential Fuzzing
  • Familiarity with Linux and C/C++.
  • A working laptop capable of running virtual machines
  • 4GB RAM required, at a minimum
  • 40 GB free Hard disk space
  • VirtualBox
  • Administrator/root access MANDATORY

This course is suitable for people that are new to C/C++. All the theory and concepts about C/C++ fuzz testing will be explained during the course.

  • Software developers
  • Security engineers
  • Vulnerability researchers
  • Bug bounty hunters
  • Pentesters & Red team professionals
  • Anyone who want to learn more about C/C++ fuzzing

Go (golang) is a statically typed and compiled programming language designed by Google. Over the years, it has become a language of choice for developers to build concurrency backend applications while maintaining high performance at scale.

This course teaches you all the prerequisites to understand which kind of vulnerability can be found inside Go code. You will learn how to find low-hanging fruit bugs manually and automatically using different Go auditing tools. You will discover how to use existing Go fuzzing coverage-guided frameworks, triage/debug crashes, and improve your code coverage. Finally, you will discover how to build custom Go fuzzers and implement advanced fuzzing techniques to find in-depth bugs on popular Go packages.

Along this training, students will deal with a lot of hands-on exercises allowing them to internalize concepts and techniques taught in class.

COURSE SYLLABUS

Module 1 - Go Security Audit and Code Review

  • Introduction to Go and its Ecosystem
  • Security concepts
    • Memory safety,  Garbage collector
    • Error handling, Concurrency
  • Golang common vulnerabilities
    • Panicking function
    • Arithmetic errors
    • Out-of-bounds panics
    • SIGSEGV / Nil pointer dereference
    • Resource exhaustion / OOM, Stack overflow
  • Advanced vulnerabilities
    • Unsafe code
    • Data races, Race conditions, 
    • Memory Leak, Logic errors, Concurrency issues
    • Web App Vulnerabilities (SQLI, XSS, etc.)
  • Attack surface discovery & Auditing tools

Module 2 - Go Fuzzing & Crash Analysis

  • Introduction to Fuzzing
  • Coverage-guided Fuzzing
    • go-fuzz, libfuzzer,  testing/fuzz
  • Fuzz testing workflow
    • Corpus/inputs collection, Code coverage
    • Corpus minimization
  • Crashes Analysis
    • Bucketing, Crashes minimization, Debugging, Root cause analysis
  • Generation-based fuzzing
    • Grammar-based & Structure-aware Fuzzing
  • Advanced testing techniques
    • Property-based testing, Concolic Testing
    • Differential fuzzing / Writing custom fuzzers
  • Familiarity with Linux and Go.
  • A working laptop capable of running virtual machines
  • 4GB RAM required, at a minimum
  • 40 GB free Hard disk space
  • VirtualBox
  • Administrator/root access MANDATORY

This course is suitable for people that are new to Go. All the theory and concepts about Go security and Go fuzz testing will be explained during the course.

  • Software developers
  • Security engineers
  • Vulnerability researchers
  • Bug bounty hunters
  • Pentesters & Red team professionals
  • Anyone who want to learn more about Go security & fuzzing

Any questions about our services and trainings ?

Get in touch today with any questions that you might have.

Why Choose Us

"Learned so much about modern WebAssembly security. The lecture and exercise learning format is excellent! It's very worth it and I highly recommend Patrick's course!"
Zion.P
Security engineer
"Really complete training if you're starting to write and audit Go code. I've already applied and used the fuzzing tools and techniques against Blockchain code and I directly found multiple bugs! Thanks Patrick!"
Anonymous
Blockchain engineer
"I personally have learned a lot. I have to admit that this training is more for advanced Fuzzing and Rust experts or those who want to become one. I don't have as much experience in these two topics, since I'm not a developer but a security manager. Nevertheless, I was very interested in these topic and I found the training very good! Thank you Patrick!"
Irina.K
Security manager
"Patrick is very skilled in his art. This course covers so much to get into the world of fuzzing. This course even covers how Radamsa can be used from a pentesting perspective. Highly recommend this course to anyone looking to learn more about fuzzing open source applications! "
Brendan.S
Vulnerability researcher
"Excellent course documentation! Having videos with the instructor working through examples live, debugging issues live, starting from scratch is a game changer for beginners. Online course are significantly better than in person. Pat is knowledgeable and able to provide effective, concise, practical tips."
Deholo.N
Security engineer
"Good sharing of fuzzing tools and setup. Great materials for browser internals and recommendations for internal studies. Will recommend if you want to pick up browser fuzzing and understanding of general concepts for browser internals."
Anonymous
Vulnerability researcher
"I was impressed with the quality of Go training on many levels. The slides exceeded my expectations and the videos really motivated me to finish the course entirely! Of course, It costs a certain budget but it's definitely worth the investment."
Anonymous
Security engineer
"Essential training covering all shorts of issues and scenarios. A well rounded training that does not leave anything uncovered. A great place to start when entering Rust space."
Georgios.D
Software engineer
"I recommend this training to anyone that is interested in having a well guided kick start to fuzzing. Patrick offers very well thought out fundamentals and methodology to fuzzing and it was definitely very useful.I enjoyed the thought process and methodology on how I could fuzz different parts of the browser. While there are materials to fuzzing online, the thought process of which fuzzing technique to use is often not highlighted very clearly, and Patrick was able to share that thought process in his training. "
Anonymous
Vulnerability researcher

FREE Courses & Training

Enter your email and we'll send you a bundle of awesome resources. 100% free - 100% awesome.

Partner trainings

Any questions about our services and trainings ?

Get in touch today with any questions that you might have.