Go Security Audit and Fuzzing

$2,400

Go Security Audit and Fuzzing

Learn which kind of security vulnerabilities/bugs can be found inside Go code, how to detect them statically and automatically using fuzzing techniques.
🎞️ 90+ videos / ⏱️ 7.5+ hours / 👨‍💻 25+ exercises

Enroll Now

What you'll learn?

This course teaches you all the prerequisites to understand which kind of vulnerability can be found inside Go code. You will learn how to find low-hanging fruits bugs manually and automatically using different Go auditing tools. You will discover how to use existing Go fuzzing coverage-guided frameworks, triage/debug crashes, and improve your code coverage. Finally, you will discover how to build custom Go fuzzers and implement advanced fuzzing techniques to find in-depth bugs on popular Go packages.

Along with this training, students will deal with a lot of hands-on exercises allowing them to internalize concepts and techniques taught in class.

Trusted by Security Engineers at Leading Companies

Module 1 - Go Audit & Code Review

Introduction to Go and its Ecosystem
Security concepts
- Memory safety, Garbage collector
- Error handling, Concurrency
Golang common vulnerabilities
- Panicking function
- Arithmetic errors
- Out-of-bounds panics
- SIGSEGV / Nil pointer dereference
- Resource exhaustion / OOM, Stack overflow
Advanced vulnerabilities
- Unsafe code
- Data races, Race conditions,
- Memory Leak, Logic errors
- Concurrency issues
- Web App Vulnerabilities (SQLI, XSS, etc.)
Attack surface discovery & Auditing tools

Module 2 - Go Fuzzing & Crash Analysis

Introduction to Fuzzing
Coverage-guided Fuzzing
- go-fuzz, libfuzzer, testing/fuzz
Fuzz testing workflow
- Corpus/inputs collection, Code coverage
- Corpus minimization
Crashes Analysis
- Bucketing, Crashes minimization, Debugging, Root cause analysis
Generation-based fuzzing
- Grammar-based & Structure-aware Fuzzing
Advanced testing techniques
- Property-based testing, Concolic Testing
- Differential fuzzing / Writing custom fuzzers

What's included?

🔑 Immediate access to all the content
⏱️ 7.5+ hours of curated and practical knowledge
🎞️ 90+ easy-to-digest, on-demand videos
👨‍💻 25+ hands-on exercises & labs
♾️ Lifetime access
📖 300+ digital and printable slides
📝 Assignments to apply your new skills
💯 Certificate of completion

Who should attend?

This course is for anyone who's looking for a hands-on and pragmatic approach to audit and secure Go code such as:

✔ Software developers
✔ Security engineers
✔ Vulnerability researchers
✔ Pentesters & Red team professionals

What's included in this bundle?

Go Audit and Code Review

Discover which kind of security bugs can be found inside Go code and how to detect them statically.
🎞️ 43 videos / ⏱️ 3.5 hours / 📖 150 slides

View details

Go Fuzzing and Crash Analysis

Learn how to use Go fuzzers, develop harnesses and apply different fuzzing techniques to find bugs.
🎞️ 49 videos / ⏱️ 4 hours / 📖 150 slides

View details

Go Security Virtual Machine

This virtual machine is an Ubuntu based VM (Xubuntu) with everything installed for the Go Security Audit and Fuzzing training.

View details

What Students are Saying...

Anonymous

Really complete training if you're starting to write and audit Go code. I've already applied and used the fuzzing tools and techniques against Blockchain code and I directly found multiple bugs! Thanks Patrick!

Thomas.H

The course contains a lot of information to be completely processed but it's well built and very practical! My favorite part was about fuzzing!

Anonymous

I was impressed with the quality of Go training on many levels. The slides exceeded my expectations and the videos really motivated me to finish the course entirely! Of course, It costs a certain budget but it's definitely worth the investment.

Anonymous

Great course, not just showing how to use some fuzzing tools... it goes into detail showing the process and workflow required to fuzz a target.

$2,400

Go Security Audit and Fuzzing

Learn which kind of security vulnerabilities/bugs can be found inside Go code, how to detect them statically and automatically using fuzzing techniques. 🎞️ 90 videos / ⏱️ 7.5 hours / 👨‍💻 25+ exercises

Enroll Now

Recognized by the Global Security Community

We speak, train, and compete at the world’s most respected security conferences.

Meet Your Instructor

Hey! 👋 My name is Patrick and I'm the founder of FuzzingLabs, a research-oriented security company specializing in fuzzing, vulnerability research, and reverse engineering.

Over time, we found hundreds of bugs and presented our work at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, Devcon, EthCC, RingZer0, ToorCon, hack.lu, NorthSec, Microsoft DCC, etc.

You can read more about me by clicking here.

X Linked_in Youtube Website Mail

FREE Resources & Trainings

Enter your email to receive special deals and a bundle of awesome resources. 100% free - 100% awesome. 👇

Frequently Asked Questions

Please, contact us here if you have any other question!

How to get access to my Fuzzing Labs courses?

FuzzingLabs is using the podia.com platform to provide the course materials.
Immediately after placing your order, you will receive an email with your login details.

I can't or don't want to pay with Paypal or a credit card, can I still join?

Yes of course, just send me an email at fuzzinglabs@gmail.com and we will see how to make it work.

I would prefer to have an online/onsite LIVE training experience, is it possible?

We also offer all the training on this platform in a LIVE online format upon request.
Customization of on-site/online training can also be possible for small groups of attendees and depending on the timezone. Don't hesitate to contact me by mail, the popup chat, or using this form.

For how long I get access to the course?

Any courses in the FuzzingLabs Academy come with life-time access.

Will the training be updated in the future?

Courses will be updated over time and you will receive a notification email.

I'm a student, can I have a special discount?

Yes ;) Send me a message using the chat popup and we will discuss the requirement.