Fuzzing remains one of the most effective techniques for discovering vulnerabilities in real-world software. While widely used in open-source and Linux environments, fuzzing on Windows presents unique challenges, from binary harnessing and instrumentation to coverage tracking and debugging.
This course teaches you how to set up and perform fuzzing campaigns targeting Windows userland applications using state-of-the-art tools like winAFL, Jackalope, and Wtf.
You’ll learn how to build and optimize fuzzing harnesses, identify and triage real vulnerabilities, analyze code coverage, and apply grammar- and snapshot-based fuzzing techniques. Along the way, you’ll study real applications like WinRAR, IrfanView, and Assault Cube, and reproduce known vulnerabilities to develop deep debugging and root-cause analysis skills.
By the end of this training, you’ll be fully equipped to conduct your own professional-grade fuzzing campaigns on complex Windows targets.
This course includes multiple hands-on labs, crash triage sessions, and deep technical demos to reinforce every concept covered.
🎯 Focus: Foundational fuzzing techniques using winAFL
The first day introduces core fuzzing concepts with hands-on exercises in creating effective fuzzing harnesses. You'll work with various archive formats and explore a real-world case study on WinRAR code execution vulnerabilities.
🎯 Target Applications:
LibArchive - Open-source C library for reading and writing streaming archives
WinRAR - Widely-used Windows file archiver for case-study insights
🔑 Key Topics:
winAFL fundamentals and Windows-based vulnerability testing
Fuzzing concepts, corpus generation, and optimization techniques
Deep dive into fuzzing tool interactions with Windows binaries and libraries
📈 Learning Objectives:
Master essential Windows internals for fuzzing
Apply introductory fuzzing techniques effectively
Build well-structured fuzzing corpora
🎯 Focus: Advanced analysis with Jackalope and coverage tools
Day two dives deep into vulnerability discovery using IrfanView as the primary target. You'll master triaging techniques, conduct thorough coverage analysis, and apply professional debugging strategies.
🎯 Target Application:
IrfanView - Image viewer application for comprehensive vulnerability research
🔑 Key Topics:
winAFL - Advanced Windows application fuzzing
Jackalope - Cross-platform fuzzing for Windows/Linux/macOS
Lighthouse - Code coverage visualization and analysis
🎯 Hands-on Lab:
Rediscover a remote code execution (RCE) vulnerability in PSP files and expand skills with WEBP format fuzzing
📈 Learning Objectives:
Master vulnerability triaging techniques
Conduct comprehensive coverage analysis
Develop professional debugging practices for vulnerability investigation
🎯 Focus: Grammar-based fuzzing for complex file formats
Day three explores advanced grammar techniques for PDF applications, focusing on complex file structure fuzzing and symbol-less binary analysis—critical skills for real-world vulnerability research.
🎯 Target Applications:
IrfanView PDF Plugin - PDF handling within IrfanView
PDF-XChange - Popular PDF viewing and editing software
🔑 Key Topics:
Jackalope grammar fuzzing capabilities
Advanced grammar techniques for structured file formats
Symbol-less binary analysis and reversing strategies
📈 Learning Objectives:
Master grammar-based fuzzing for structured files like PDFs
Develop advanced binary analysis skills without debugging symbols
🎯 Focus: Advanced snapshot-based techniques with gaming applications
The final day explores cutting-edge snapshot fuzzing using video games as practical testing environments. Work with Assault Cube to master snapshot fuzzing concepts and analyze real vulnerabilities.
🎯 Target Application:
Assault Cube - Open-source networked FPS game, with a focus on map parsing vulnerabilities
🔑 Key Topics:
Snapshot Fuzzing - Creating and analyzing snapshot-based test cases
Wtf - Advanced snapshot fuzzing framework
📈 Learning Objectives:
Master snapshot fuzzing for complex application testing
Apply advanced techniques to real-world gaming applications
This training was selected and taught at Zer0Con, one of the world’s leading offensive security conferences in Seoul.
🔑 Immediate access to all the content
⏱️ Hours of curated and practical knowledge
🎞️ Easy-to-digest, on-demand videos
👨‍💻 Hands-on exercises & labs
♾️ Lifetime access
📖 Digital and printable slides
📝 Assignments to apply your new skills
💯 Certificate of completion
This course is for anyone looking for a hands-on and pragmatic approach to fuzzing and vulnerability research on Windows userland applications, including:
✔ Software developers
✔ Security engineers
✔ Vulnerability researchers
✔ Pentesters & Red team professionals
⚠️ This training is currently in pre-sales and will be released in less than 3 months.
We speak, train, and compete at the world’s most respected security conferences.
Please contact us here if you have any other questions!