Fuzzing is a technique of identifying software vulnerabilities by automated corpus generation.Finding vulnerabilities in software requires in-depth knowledge of different technology stacks. Modern day software’s have a huge codebase and may contain vulnerabilities. Manually verifying such vulnerabilities is a tedious task and may not be possible in all cases. This training is designed in such a way that it introduces the concept of fuzzing and vulnerability discovery in software’s covering multiple platforms such as Linux & Windows and triage analysis for those vulnerabilities.

Register Now!

During this training, attendees would be emulating techniques which would provide a comprehensive understanding of “Crash, Detect & Triage” of fuzzed binaries or software. In “Deep dive into fuzzing” we will be covering a detailed overview of fuzzing and how it can be beneficial to professionals in uncovering security vulnerabilities with a hands-on approach through focus on labs. 

Student Requirements

  • Basic understanding of Linux & Windows fundamentals.
  • Understanding of basic programming concepts, familiarity with C/C++ and common data types. 

  • Register Now!

Student should bring

Attendees are required to have a system with root/admin privilege with minimum 8GB RAM and 100 GB disk space with VirtualBox or VMware installed.

Students will be provided

  • Walkthrough of lab exercises.
  • A dedicated server with custom OS (Windows & Linux) for one month which can be utilized for fuzzing.
  • Local lab setup (OVA of Ubuntu and Windows) loaded with all the course exercises and material including solutions.
  • A private dedicated channel where trainers will be available to answer your queries after the training.

  • Register Now!

Audience skill level 

Beginner/Intermediate

About Instructors (BIO)

An active speaker who has discovered multiple zero-days in modern web browsers and an open-source contributor. He is a trainer at Blackhat, BruCON, 44CON and presented in conferences such as Ekoparty, NorthSec, Hacktivity, PHDays, Hack in Paris & HITB. In his free time, he blogs at www.inputzero.io/www.fuzzing.at and tweets on @RandomDhiraj.

Zubin Devnani is a red teamer by trade, who has identified multiple vulnerabilities in commonly used software. He is a trainer at Blackhat, BruCON and OWASP and has delivered multiple workshops, including PHDays and Hacktivity. Utilizes his fuzzing skills in his day-to-day trade to identify new ways of breaking into enterprises! Blogging at devtty0.io and tweets on @p1ngfl0yd.

  • Register Now!