Instructors: Patrick Ventuzelo & Kylian Boulard de Pouqueville
Dates: June 23 to 26 2025
Capacity: 25 Seats
This intensive 4-day training equips participants with cutting-edge fuzzing techniques and real-world applications, focusing on Windows environments, structured file fuzzing, and advanced vulnerability research. The training combines theoretical foundations, practical labs, and case studies to prepare participants for professional fuzzing and vulnerability discovery challenges.
The first day introduces foundational fuzzing techniques, emphasizing the use of winAFL against the target library. Participants cover core fuzzing concepts, including effective corpus generation and techniques for improving the fuzzing harness. Hands-on exercises guide participants through creating a basic harness that handles several archive formats. A case study on code execution vulnerabilities in WinRAR illustrates the real-world application of fuzzing in Windows environments.
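As an added illustration of the day-one harness exercise (example code written for this page, not material from the training or from FuzzingLabs): a winAFL-style harness that exports one function taking a file path, reads the file inside that function, routes on the archive's magic bytes, and hands ZIP input to a minimal, bounds-checked local-file-header walker that stands in for the real target library. The function and sample names, the sample archives, and the ZIP walker itself are assumptions made for the example; a real harness would call the library under test at that point.

```c
/* Added example, not part of the training: a winAFL-style harness skeleton.
 * winAFL instruments one exported function that takes the input path, so
 * reading, format detection and parsing all happen inside fuzz_archive().
 * The ZIP walker is a constructed stand-in for the real target library. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifdef _WIN32
#define HARNESS_EXPORT __declspec(dllexport)
#else
#define HARNESS_EXPORT          /* assumption: built on Linux for demonstration */
#endif

enum archive_kind { ARCHIVE_UNKNOWN = 0, ARCHIVE_ZIP, ARCHIVE_RAR, ARCHIVE_7Z };

/* Route by magic bytes so one harness can drive several archive parsers. */
enum archive_kind detect_archive(const uint8_t *buf, size_t len) {
    static const uint8_t zip_magic[] = {0x50, 0x4B, 0x03, 0x04};
    static const uint8_t rar_magic[] = {0x52, 0x61, 0x72, 0x21, 0x1A, 0x07};
    static const uint8_t sz_magic[]  = {0x37, 0x7A, 0xBC, 0xAF, 0x27, 0x1C};
    if (len >= sizeof zip_magic && memcmp(buf, zip_magic, sizeof zip_magic) == 0) return ARCHIVE_ZIP;
    if (len >= sizeof rar_magic && memcmp(buf, rar_magic, sizeof rar_magic) == 0) return ARCHIVE_RAR;
    if (len >= sizeof sz_magic  && memcmp(buf, sz_magic,  sizeof sz_magic)  == 0) return ARCHIVE_7Z;
    return ARCHIVE_UNKNOWN;
}

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Constructed stand-in parser: walk ZIP local file headers (30-byte fixed part,
 * then name, extra field and compressed data). Every length taken from the file
 * is checked against the bytes actually read. Returns the entry count, or -1 on
 * malformed input. */
int walk_zip_entries(const uint8_t *buf, size_t len) {
    size_t off = 0;
    int entries = 0;
    while (off + 30 <= len && rd32(buf + off) == 0x04034B50u) {
        uint32_t csize     = rd32(buf + off + 18);
        uint16_t name_len  = rd16(buf + off + 26);
        uint16_t extra_len = rd16(buf + off + 28);
        size_t hdr = 30 + (size_t)name_len + (size_t)extra_len;
        if (hdr > len - off) return -1;                   /* name/extra past end */
        if ((size_t)csize > len - off - hdr) return -1;   /* data past end */
        off += hdr + csize;
        entries++;
    }
    return entries;
}

/* Dispatch on the detected format. RAR/7z would call the library under test
 * (hypothetical here); unknown input returns 0 so winAFL still sees a normal return. */
int fuzz_archive_buffer(const uint8_t *buf, size_t len) {
    switch (detect_archive(buf, len)) {
    case ARCHIVE_ZIP: return walk_zip_entries(buf, len);
    default:          return 0;
    }
}

/* The exported target (winAFL: -target_method fuzz_archive -nargs 1). The file is
 * read inside this function so every persistent-mode iteration sees the new test
 * case winAFL wrote to the path, and nothing is retained between iterations. */
HARNESS_EXPORT int fuzz_archive(const char *path) {
    FILE *f = fopen(path, "rb");
    if (!f) return 0;
    if (fseek(f, 0, SEEK_END) != 0) { fclose(f); return 0; }
    long sz = ftell(f);
    if (sz < 0) { fclose(f); return 0; }
    rewind(f);
    uint8_t *buf = malloc(sz > 0 ? (size_t)sz : 1);
    if (!buf) { fclose(f); return 0; }
    size_t len = fread(buf, 1, (size_t)sz, f);
    fclose(f);
    int r = fuzz_archive_buffer(buf, len);
    free(buf);
    return r;
}

/* Constructed sample: two stored entries ("a.txt" -> "hi", "b" -> "xyz"). */
const uint8_t SAMPLE_ZIP[] = {
    0x50,0x4B,0x03,0x04, 0x14,0x00, 0x00,0x00, 0x00,0x00, 0x00,0x00, 0x00,0x00,
    0x00,0x00,0x00,0x00, 0x02,0x00,0x00,0x00, 0x02,0x00,0x00,0x00, 0x05,0x00, 0x00,0x00,
    'a','.','t','x','t', 'h','i',
    0x50,0x4B,0x03,0x04, 0x14,0x00, 0x00,0x00, 0x00,0x00, 0x00,0x00, 0x00,0x00,
    0x00,0x00,0x00,0x00, 0x03,0x00,0x00,0x00, 0x03,0x00,0x00,0x00, 0x01,0x00, 0x00,0x00,
    'b', 'x','y','z'
};
/* Constructed malformed sample: compressed size 0xFFFFFFFF, far past the buffer. */
const uint8_t SAMPLE_ZIP_BAD[] = {
    0x50,0x4B,0x03,0x04, 0x14,0x00, 0x00,0x00, 0x00,0x00, 0x00,0x00, 0x00,0x00,
    0x00,0x00,0x00,0x00, 0xFF,0xFF,0xFF,0xFF, 0x02,0x00,0x00,0x00, 0x05,0x00, 0x00,0x00,
    'a','.','t','x','t', 'h','i'
};

int main(int argc, char **argv) {
    if (argc < 2) { fprintf(stderr, "usage: %s <archive>\n", argv[0]); return 1; }
    printf("result: %d\n", fuzz_archive(argv[1]));
    return 0;
}
```

Under winAFL's DynamoRIO mode the harness binary (or DLL) is named with -target_module, the entry point with -target_method and -nargs 1, and the library whose edges should count as coverage with -coverage_module; the input path is passed as @@. The one design rule the example encodes is that the whole read-parse path lives inside the targeted function: winAFL rewinds execution to that function's entry between iterations, so anything read or cached outside it would be stale, and any state the parser leaves behind would leak across runs.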
The second day focuses on fuzzing IrfanView with winAFL, Jackalope, and Lighthouse (coverage visualization) to improve analysis and triaging. Participants learn essential triaging techniques, conduct coverage analysis, and apply debugging strategies to uncover vulnerabilities. In a hands-on lab, participants rediscover a remote code execution (RCE) vulnerability in IrfanView's handling of PSP files and extend their fuzzing skills to the WEBP format. A ZDI report on fuzzing IrfanView provides insight into professional vulnerability research practice.
Day three covers grammar-based fuzzing, focusing on applications that handle PDF files, such as PDF-XChange and IrfanView's PDF plugin. Participants explore fuzzing methodologies for complex file structures and practice reversing binaries without symbols, a critical skill in real-world vulnerability research. Supporting resources include recent industry reports and an ICSE research paper that places these fuzzing techniques in the context of current security research.
Day four shifts to snapshot-based fuzzing, using video games as the testing ground. The primary target, Assault Cube, gives participants a practical setting in which to apply snapshot fuzzing with the wtf framework. Case studies, including vulnerabilities in Assault Cube's map parser, show the practical impact of these techniques.
This training is tailored for cybersecurity professionals, researchers, and engineers interested in mastering fuzzing techniques for vulnerability discovery across a variety of applications.
Patrick Ventuzelo is a senior security researcher and the CEO and founder of FuzzingLabs. After working for the French Ministry of Defense, he specialized in fuzzing, vulnerability research, and reverse engineering. Over the years, Patrick has created multiple fuzzers, found hundreds of bugs, and published blog posts, videos, and tools on topics including Rust, Go, blockchain, WebAssembly, and browser security. Patrick is a regular speaker and trainer at security conferences around the globe, including Black Hat USA, OffensiveCon, REcon, RingZer0, PoC, ToorCon, hack.lu, NorthSec, SSTIC, and others.
Kylian Boulard de Pouqueville is a security researcher at FuzzingLabs, specializing in vulnerability research in Windows environments. He began his journey into cybersecurity with malware development (maldev), which built his deep understanding of Windows internals. This expertise led him to FuzzingLabs, where he now focuses on both userland and kernel-land vulnerability research on Windows. Outside of his research, Kylian enjoys developing low-level software and reverse engineering.