Breadcrumb
  1. Training
  2. Education & Training Catalog
  3. 8kSec LLC
  4. Applied Fuzzing and Vulnerability Analysis

Applied Fuzzing and Vulnerability Analysis

This training empowers you to harness the power of fuzzing, an automated technique that uncovers hidden vulnerabilities in software. Manual testing for these weaknesses in complex codebases is a struggle. Fuzzing automates this process, feeding your software unexpected inputs to expose cracks in its armor. By integrating fuzzing into your Secure Development Lifecycle (SDLC), you can proactively identify and fix vulnerabilities early, saving time and resources down the line. This training equips you with the knowledge to not only understand fuzzing fundamentals but also apply them across various platforms like Linux and Windows. You'll gain expertise in triage analysis, allowing you to prioritize and effectively address the vulnerabilities identified through fuzzing. Through hands-on labs, you'll gain real-world experience with the "Crash, Detect & Triage" process, solidifying your fuzzing mastery. This training is designed for security professionals and developers who want to take a proactive approach to software security.

Course Overview

Overall Proficiency Level
1 - Basic
Course Prerequisites

To successfully participate in this course, attendees should possess the following:

Working knowledge of cybersecurity and pen testing fundamentals
Working knowledge of Fuzzing concepts and Corpus generation is recommended, but not required
Basic Windows & Linux skills and command-line proficiency
Understanding of fundamental programming concepts and looping structures in at-least one higher-level language
Basic Windows/Linux binary assembly knowledge is recommended, but not required

Training Purpose
Functional Development
Skill Development
Specific Audience
All
General Public
Federal Employee
Academia
Contractor
Delivery Method
Online, Instructor-Led
Online, Self-Paced
  • Online, Instructor-Led
  • Online, Self-Paced

Learning Objectives

Efficient fuzzing techniques
Exploring various vulnerability classes
Essential basics and mechanics of fuzzing
Designing custom grammars for fuzzing
Establishing persistence in intricate programs
Leveraging QEMU for binary-centric fuzzing
ARM architecture introduction and ARM binary fuzzing
Initiating fuzzing for Windows binaries
Numerous practical exercises with real-world software
CTC "“ Capturing crashes in custom applications

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.

Last Published Date: