This training empowers you to harness the power of fuzzing, an automated technique that uncovers hidden vulnerabilities in software. Manual testing for these weaknesses in complex codebases is a struggle. Fuzzing automates this process, feeding your software unexpected inputs to expose cracks in its armor. By integrating fuzzing into your Secure Development Lifecycle (SDLC), you can proactively identify and fix vulnerabilities early, saving time and resources down the line. This training equips you with the knowledge to not only understand fuzzing fundamentals but also apply them across various platforms like Linux and Windows. You'll gain expertise in triage analysis, allowing you to prioritize and effectively address the vulnerabilities identified through fuzzing. Through hands-on labs, you'll gain real-world experience with the "Crash, Detect & Triage" process, solidifying your fuzzing mastery. This training is designed for security professionals and developers who want to take a proactive approach to software security.
Learning Objectives
Efficient fuzzing techniques
Exploring various vulnerability classes
Essential basics and mechanics of fuzzing
Designing custom grammars for fuzzing
Establishing persistence in intricate programs
Leveraging QEMU for binary-centric fuzzing
ARM architecture introduction and ARM binary fuzzing
Initiating fuzzing for Windows binaries
Numerous practical exercises with real-world software
CTC "“ Capturing crashes in custom applications
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):