Rust Development for Cyber Security
Instructors: Tanguy Duhamel & Tristan Ferreira
Dates: June 15 to 18, 2026
Location: Hilton DoubleTree Montreal
Capacity: 25
Learn to build defensive security tools in Rust. Over four days, you'll respond to a simulated breach: analyzing network captures, digging through memory dumps, decrypting attacker communications, and building detection systems. The training culminates with you taking control of the malware itself and sending the kill command. You'll leave with 17 working tools you built yourself and the skills to create more.
Key Learning Objectives
By the end of this training, participants will:
- Master Rust fundamentals (ownership, async, error handling) in a security context
- Analyze forensic artifacts: network traffic, memory dumps, and disk images
- Implement real-world cryptography to decrypt attacker communications
- Build detection tools for process monitoring and network analysis
- Understand C2 protocols well enough to hijack one
Course Topics
Day 1: Rust Foundations
Morning: Rust core concepts (ownership, borrowing, error handling), CLI development, and project organization with workspaces.
Afternoon: Advanced patterns (traits, generics, smart pointers), multi-threading with channels, and basic networking.
Exercises: Evidence management CLI, binary parser, parallel processing framework, file monitor.
Day 2: Forensic Analysis
Morning: Async Rust with Tokio, PCAP parsing, and C2 beacon detection through timing analysis.
Afternoon: Memory forensics, IOC extraction, and traffic decryption using AES-GCM and Zstd.
Exercises: Network analyzer, C2 pattern detector, memory forensics suite, traffic decryptor.
Day 3: EDR Development
Morning: Disk forensics, RSA decryption for encrypted configs, and persistence mechanism hunting.
Afternoon: Windows API with windows-rs, process enumeration, memory scanning, and detection engineering. Includes instructor demo on API hooking.
Exercises: Disk analyzer, config decryptor, process monitor, memory scanner, network detector.
Day 4: Threat Intelligence & Neutralization
Morning: OSINT automation, infrastructure mapping, and threat intel pipelines.
Afternoon: Protocol reverse engineering and C2 emulator development. Connect to live malware in a sandbox and terminate it.
Exercises: Infrastructure mapper, intel pipeline, protocol documentation, C2 emulator with kill switch.
Prerequisites
- Proficiency in at least one programming language
- Basic cybersecurity knowledge (networking, malware concepts)
- Laptop with 8GB+ RAM, 50GB+ free disk space and virtualization support
Software Requirements
- Operating System: Linux (preferred) or macOS/Windows with WSL.
- Rust compiler and Cargo installed (latest stable version).
- Additional Tools: Wireshark, Docker, Python 3, and a code editor (e.g., VSCode with Rust extension).
Who Should Attend
- Blue team professionals and incident responders
- Security engineers building detection infrastructure
- Developers moving into defensive security
- Students and researchers working on cybersecurity-related projects
BIO
Tanguy Duhamel is the Lead Developer on FuzzingLabs' distributed fuzzing platform, collaborating with Patrick Ventuzelo on code auditing, fuzzer development, and security research. His research focuses on advancing distributed fuzzing techniques to improve software security, with a strong foundation in Rust for building high-performance tools.
Tristan Ferreira is a Cybersecurity Expert and Software Engineer currently specializing in the development of FuzzForge at FuzzingLabs, where he brings extensive experience in building robust, high-performance software for the cybersecurity industry. His technical expertise is focused on networking and system-level engineering.
