COURSE SCHEDULE
Attendance type is IN-PERSON.
This 4 DAY DOJO takes place from April 20 (Sunday) to April 23 (Wednesday)
SYLLABUS
Overview
This class is designed to introduce students to the most effective tools and techniques for applying cutting-edge deep learning–based artificial intelligence to cybersecurity tasks. By leveraging AI-driven automation, students will explore new ways to enhance security workflows and optimize vulnerability research. We will take a deep dive into modern AI architectures, focusing on how deep learning models can assist in areas such as malware analysis, reverse engineering, vulnerability research, and penetration testing. Students will learn to train, fine-tune, and apply large language models (LLMs) to solve real-world cybersecurity challenges, integrating AI-driven solutions into their daily operations. The course will provide hands-on experience with model training, embeddings, vector search, and advanced security automation techniques. Through practical exercises, students will gain proficiency in using AI to automate security tasks. By the end of the course, attendees will have the skills and knowledge to incorporate deep learning–based AI solutions into their cybersecurity workflows, enhancing both efficiency and effectiveness.
Who Should Attend
This class is meant for professional developers or security researchers looking to add deep learning artificial intelligence based automation to cybersecurity domains. Students wanting to learn a programmatic and tool driven approach to incorporating the latest artificial intelligence capabilities to their daily work will benefit from this course.
Key Learning Objectives
Gain a fundamental understanding of how modern AI models achieve capabilities such as text completion, data classification, summarization, and analytical tasks - Learn the tools and process for training new models, specializing and improving existing models, and evaluating model capabilities on downstream tasks - Understand how to leverage embeddings and vector search to give models access to proprietary or new information not available during training - Leverage deep learning for tasks related to reverse engineering and vulnerability research.
Prerequisite Knowledge
Students should be prepared to tackle challenging and diverse subject matter and be comfortable writing functions in python and C to complete exercises involving using python libraries or frameworks to write LLM enhanced tools and simple harnesses for C libraries. Attendees should also have basic experience with the high level applied topics such as reverse engineering, code auditing, fuzzing, and web penetration testing.
Hardware / Software Requirements
This class will be using Python 3.10+ and LLVM/Clang on amd64 Linux. A preconfigured VMware Workstation VM will be provided as well as an amd64 Linux docker image. We will also use Google Collab notebooks for free online GPU resources. Students should have a working Google account with Google Collab access. Further instructions will be communicated prior to class.
Class Topics
Deep Learning Fundamentals
Model Architectures: SVM, CNN, LSTM, Transformers
Tokenizers and Embeddings
Deep dive on Transformer models
Training a nanoGPT model from scratch
Data Analysis and Search
Embeddings and Vector Search
Retrieval Augmented Generation (RAG) Systems
Malware classification and clustering
Reverse Engineering
LLM assisted disassembly and decompilation
Symbol recovery and code annotations
Code Auditing
Writing a custom model eval benchmark
Using vector search to identify patterns in code that may be vulnerable or malicious
Generating pattern matching signatures to hunt for code that is similar to known vulnerable code patterns (using weggli or semgrep as tools to do the pattern matching)
Fuzzing
Intro to fuzzing with AFL++
Fuzz harness generation with LLMs
Crash analysis and processing with LLMs
Web App Testing
Agentic systems with goal seeking, function calling, and tool use
Using LLMs to automate web site penetration testing tools
LLM System Tuning and Enhancement
Methods for fine-tuning
SFT, RLHF, DPO
Reinforcement learning using reward systems
Last Updated: February 2025
INSTRUCTOR BIO:
Richard Johnson is a computer security specialist with a focus on fuzzing and software vulnerability analysis. Richard has been a training instructor since 2017 and is the founder of FUZZING IO, a research and development company offering professional training and consulting services. Richard offers over 20 years of professional expertise and leadership in the information security industry, previously Director of Security Research at Oracle Cloud leading software and hardware vulnerability research teams and at Cisco Talos as the founder of the VulnDev team that finds hundreds of zeroday vulnerabilities each year. Richard has delivered training and presented annually at premier industry conferences for over two decades including Black Hat, Defcon, OffensiveCon, RECON, CanSecWest, and many more.