Rust Security Audit and Fuzzing by Patrick Ventuzelo

Learn which kinds of security vulnerabilities and bugs can be found in Rust code, and how to detect them statically and automatically using fuzzing techniques.
🎞️ 84 videos / ⏱️ 9.5 hours / 👨‍💻 25+ exercises

Description

Rust is a strongly typed and safe systems programming language developed by Mozilla. Recently, it has become the language of choice for building memory-safe programs while maintaining high performance at scale. Rust is mostly used for file format and protocol parsers, but also in other critical projects such as the new high-performance browser engine, Servo.

However, coding in a memory-safe language doesn't mean the code will be free of bugs. Different kinds of vulnerabilities like integer overflows, OOM, DoS, UaF, OOB, etc. can still be found and sometimes exploited to achieve remote code execution (RCE).

This course teaches you all the prerequisites to understand which kinds of vulnerabilities can be found inside Rust code. You will learn how to find low-hanging-fruit bugs manually and automatically using different Rust auditing tools. You will discover how to use existing Rust fuzzing frameworks, triage and debug crashes, and improve your code coverage using different techniques. Finally, you will discover how to build custom Rust fuzzers and implement advanced fuzzing techniques.

This training offers you multiple hands-on exercises allowing you to internalize concepts and techniques taught in class.

What's included?

🔑 Immediate access to all the content
⏱️ 9.5 hours of curated and practical knowledge
🎞️ 80+ easy-to-digest, on-demand videos
👨‍💻 25+ hands-on exercises & labs
♾️ Lifetime access
📖 280+ digital and printable slides
📝 Assignments to apply your new skills
💯 Certificate of completion

Who should attend?

This course is for anyone who's looking for a hands-on and pragmatic approach to audit and secure Rustlang code:

✔ Software developers
✔ Security engineers
✔ Vulnerability researchers
✔ Pentesters & Red team professionals

What's included in this bundle?

Rust Audit and Code Review

Learn which kinds of security bugs can be found inside Rust code and how to detect them statically.
🎞️ 42 videos / ⏱️ 5 hours / 📖 160 slides

Fuzzing and Crash Analysis

Learn how to use Rust fuzzers, develop harnesses and apply different fuzzing techniques to find bugs.
🎞️ 42 videos / ⏱️ 4.5 hours / 📖 120 slides

Getting Started with Rust Fuzzing using cargo-fuzz

Quick introduction to Rust fuzzing in 5 min.

Rust Security Virtual Machine

Virtual machine with everything installed for the Rust Security Audit and Fuzzing training.

Day 1: Rust Security Audit and Code Review

In this course, you will focus on Rust code audit and vulnerability research. First, you will discover which security mechanisms are enforced by default in Rust, which vulnerabilities are the most common and how to detect them. Then, you will have the opportunity to analyze unsafe code and apply much of the theory in practice through small real-life hands-on assignments that highlight aspects of auditing Rust code.

Rust introduction and security concepts
  • Get a quick introduction to the Rust language and its ecosystem.
  • Compile and execute Rust code examples.
  • Discover how Rust's security mechanisms work.
Detect most common Rust vulnerabilities
  • Identify multiple vulnerabilities and their impacts.
  • Reproduce bugs and learn how to detect them in the future.
  • Evaluate security of real-life crate packages using code review.
Auditing unsafe code
  • Understand why unsafe code exists and when it can be dangerous.
  • Detect unsafe memory issues using sanitizing tools.
  • Analyze real-world usage of unsafe code.
Real-World: Audit popular Rust packages
  • Choose targets to audit from popular libraries.
  • Identify interesting code patterns.
  • Share hypotheses and findings.

Day 2: Rust Fuzzing and Crash Analysis

In this course, you will focus on automated Rust vulnerability detection using different fuzzing techniques. You will first learn how to quickly create fuzzing harnesses for a given target using coverage-guided fuzzing. Then, you will evaluate the fuzzing results and analyze crashes using debugging. Finally, you will discover other advanced techniques to find in-depth bugs in popular Rust libraries.

Assignment 5: Fuzzing Rust library in less than 5 minutes
  • Learn the different steps in the fuzzing workflow.
  • Discover which Rust coverage-guided fuzzers are the best.
  • Write fuzzing harnesses for real-world public libraries.
Assignment 6: Improve and analyze your fuzzing session
  • Generate code coverage to evaluate fuzzing results.
  • Minimize both corpora and crashes to optimize fuzzing speed.
  • Triage and analyze bugs found during fuzzing.
Assignment 7: Applied advanced fuzzing techniques
  • Learn how to fuzz Rust structures using structure-aware fuzzing.
  • Improve fuzzer input generation using grammar-based fuzzing.
  • Implement differential fuzzing to find logic bugs.
Assignment 8: Real-World: Fuzzing popular Rust packages
  • Choose targets to fuzz from the libraries audited on day 1.
  • Create different fuzzing harnesses for popular file and text format parsers.
  • Analyze and triage their crashes to find 0-days.

Student feedback

Essential training covering all sorts of issues and scenarios. A well-rounded training that does not leave anything uncovered. A great place to start when entering Rust space.
Georgios.D

This course is pure gold. I wasted weeks looking for an alternative instead of taking this course directly. Huge mistake on my end because Patrick's slides are awesome and teach everything you need to know about Rust security.
Anonymous

Hi! 👋 My name is Patrick Ventuzelo. I'm a security researcher specialized in fuzzing, vulnerability research and reverse engineering.

Since 2016, I've found hundreds of bugs and presented my work at various security conferences around the globe, including REcon, RingZer0, ToorCon, hack.lu, NorthSec, FIRST, Microsoft DCC, etc.

Fuzzing Labs is basically my online training platform where I share everything I've been learning, researching and practicing over the past years.

FAQs

How to get access to my Fuzzing Labs courses?

Fuzzing Labs uses the podia.com platform to provide the training materials.
Immediately after placing your order, you will receive an email with your login details.

I can't or don't want to pay with PayPal or a credit card, can I still join?

Yes of course, just send me an email at fuzzinglabs@gmail.com and we will see how to make it work.

I would prefer to have an online/onsite LIVE training experience, is it possible?

We also offer all the trainings on this platform in a LIVE online format upon request.
Customization of on-site/online trainings is also possible for small groups of attendees, depending on the time zone. Don't hesitate to contact me by mail, the popup chat or using this form.

For how long do I get access to the course?

Every course in the Fuzzing Labs Academy comes with lifetime access.

Will the training be updated in the future?

Courses will be updated over time and you will receive a notification email.

I'm a student, can I have a special discount?

Yes ;) Send me a message using the chat popup and we will discuss the requirement.