c0c0n 2026 | Practical Fuzzing: A Hands-On Learning Experience for Uncovering Vulnerabilities on Linux | Hacking & Cyber Security Briefing

Objective

Fuzzing is a powerful technique for identifying vulnerabilities in software. This hands-on training will cover the theory and practical aspects of fuzzing, including coverage-guided fuzzing, basic blocks and binary instrumentation, corpus collection and minimization, target selection, crash triage and root cause analysis, and real-life CVE analysis.

Attendees will have the opportunity to practice fuzzing on Linux and apply the concepts and techniques learned in the training to fuzz real world software. This training is suitable for attendees with a basic understanding of software development and testing.

Course Content

Day 1

Module 0: Introduction to Fuzzing

What is Fuzzing?
Fuzzing Process
Different types of Fuzzer
- Dumb Fuzzer (e.g., Radamsa)
- Mutation Fuzzer (e.g., Sulley)
- Coverage-guided Fuzzer (e.g., AFL, WinAFL, AFL++, libFuzzer, Honggfuzz)
Basic Blocks and Code Coverage
Binary Instrumentation
Fuzzing Strategies
Different Sanitizers
- ASAN
- UBSAN
- MSAN

Module 1: Vulnerabilities and Manual Analysis

Types of Vulnerabilities
- >Buffer Overflow
- >Heap Overflow
- >Integer Overflow
- >Use After Free
- >Out of Bound Read/Write
>Real-life Examples of Vulnerabilities
>Hands-on: Manually Identifying Vulnerabilities in Sample C Code

Module 2: AFL and AFL++

What is AFL and AFL++?
How AFL++ Works
Fork Server vs Persistent Mode
- How to Write Harness for Persistent Mode
Using AFL++
- How to Compile and Install
- Compilation Options
  - AFL_HARDEN, AFL_USE_ASAN, AFL_DONT_OPTIMIZE, etc.
- Hands-on: Compile Simple C Program with AFL++
- Fuzzing Simple C Program
- Fuzzing Real World Programs

Module 3: Corpus Handling

module-listCorpus Collection
- module-listHow to get good corpus
- module-listSources
module-listCorpus Minimization

Module 4: Advanced AFL++ Features

Persistent Mode
SHMEM Mode
Dictionaries for Fuzzing
QEMU Mode for Different Architectures
CMPLOG Feature
Fuzzing Network Binaries

Day 2

Module 5: Fuzzing Real Programs with AFL++

Fuzzing TCPDump
Fuzzing libTIFF
libEMF
clamAV
Fuzzing OpenSSL (Rediscovering CVEs using LibFuzzer)
- CVE-2023-0286
- CVE-2022-3602
Each includes:
- Getting Source Code and Dependencies
- Compiling with AFL++
- Corpus Collection and Minimization
- Fuzzing the Program
- Analyzing Issues Found
- Writing Harness when possible.

Module 6: Alternative Fuzzers

Honggfuzz
- Installing and Running
- Fuzzing Simple Programs
LibFuzzer
- Installing and Running
- Writing Harness
- Fuzzing Simple Programs

Day 3

Module 7: Root Cause Analysis and Crash Triage

Using GDB
- Debugging Sample Crashes
- Real-world Vulnerability Root Cause
Using Crashwalk
- Installing Crashwalk
- Using cwtriage, cwdump
- Automating Crash Triage

Module 8: OSS-Fuzz

Introduction and Theory
Local Setup
Building Docker Images and Fuzzers
Fuzzing Open Source Software

Module 9: Wrap Up

Q&A
Conclusion

Pre-requisite

Basic knowledge of C/C++ development and debugging.

Who Should Attend

People who are interested in learning about vulnerability discovery, fuzzing, software developers, QA Engineers.

Requirements

A laptop with admin privileges to run the provided VMs. VMs will be shared in a USB drive during the start of the workshop.

What to expect

Deep dive in fuzzing and internals, how does coverage guided fuzzer works, how can you fuzz software, How can you debug and analyse crashes to find root cause of vulnerabilities.

What Not to Expect

Exploit developments, 0 Days. This is a course on fuzzing and vulnerability discovery and not on exploit development.

Trainer

Hardik Shah

Principal Security Researcher

Duration 3 Day Training
Dates 6th Oct, 2026 to 8th Oct, 2026
Time 09:30 IST - 17:30 IST
Venue Grand Hyatt, Bolgatty, Kochi, Kerala

Venue & Date

Contact Us

c0c0n 3-Day Professional Training

Practical Fuzzing: A Hands-On Learning Experience for Uncovering Vulnerabilities on Linux