This course teaches you the foundations of fuzzing and how to apply it on real-world complex software. The course provides a deep and comprehensive view of modern fuzzing, and there is a lot of material to cover. We do not just show how to run a few commands - we go deep into the code of targets and fuzzers, with the goal of finding bugs in real-world projects and more. This course will teach you in-depth and pragmatically how to fuzz, and following completion of the course you will be able to apply your skills professionally at a high level.
The course is heavily focused on real-world connection, and because of this you will be fuzzing many real-world projects in the course. You will learn how to surgically target your analysis towards specific parts of the application you are analysing, and do so against some of the most complex applications in the world such as Chromium.
Throughout the course you have several exercises and assignments. The assignments ask you to fuzz real-world software and you receive personalised feedback on your work. In addition to this, you can ask the instructor any question at any stage in the process, ensuring you have maximum flexbility to learn in your own manner and at your own pace.
Understand the foundations and background of modern fuzzing
Understand the concepts behind bug-finding techniques such as sanitizers
Get hands-on experience with writing fuzzers for a range of diverse software applications, e.g. parsers, languages, browsers and databases
Understand the concepts mutation-based fuzzing, generation-based fuzzing, in-memory fuzzing, feedback-based fuzzing, coverage-guided fuzzing
To be able to fuzz efficiently with corpus selection, dictionaries and fuzzing visualisations
To perform complex structure-aware fuzzing, including grammar-based fuzzing and fuzzing of state-full applications
To get hands-on experience with writing fuzzers for real-world applications
In the course we will be reading a lot of C/C++ code, so it is expected that students are familiar with reading source code in these languages and also writing small applications.
Red team professionals
Program analysis researchers
The course is divided in the following main sections. Each section is composed of a myriad of videos, notes, exercises, assignments and other forms of interactive learning.
Hands-on exercises of varying difficulty
24/7 access to platform and self-paced course
6 months subscription to online training platform
Instructor support throughout entire course
Course updates during subscription period
Get in touch today with any questions that you might have.Contact Us