FuzzingLabs

We just published a full N-day reproduction and analysis of #CVE-2026-23111, a #Linux kernel vulnerability affecting nf_tables. This bug comes from an inverted condition in the reactivation path of catch-all map elements, leading to a use-after-free that we leveraged to achieve local privilege escalation. In this write-up, we go beyond the CVE description: - An analysis of the patch to find the vulnerable code path - A dive into nftables internals to fully understand the bug - Our full exploit path which leads to local privilege escalation on a production kernel Reproducing real-world vulnerabilities is still one of the most effective ways to truly understand them and to build better detection, fuzzing strategies, and exploit mitigations. If you're working on: - kernel security - fuzzing / vuln research - or exploit development this one is worth a read. Blogpost made by to Lyes BOURENNANI and Alexis Pinson link in comment

FuzzingLabs is at Forum InCyber - all 3 days. Find us at stand E1-11-F (Cybersecurity for Industry hall). We’ll be demoing FuzzForge, our AI-native offensive security platform that goes beyond vulnerability detection, it validates actual exploitability at scale. FuzzForge runs specialized AI agents for fuzzing, reverse engineering, triage, and exploit analysis, so your security team stops chasing false positives and starts proving what’s truly exploitable. Built by Pwn2Own winners. Battle-tested on real targets. Come talk to us or DM to schedule a demo on-site. 👇 #ForumInCyber #FIC2025 #OffensiveSecurity #FuzzForge #FuzzingLabs

🔐 FuzzingLabs will be at Forum INCYBER (FIC) 2026! We're proud to be a Bronze Partner of one of the Europe's leading cybersecurity event! This year, you'll find us at the CFI (Cybersecurity for Industry) village, stand E1-11-F. Come meet the team and discover #FuzzForge, our Continuous Offensive Security Platform built for security teams who want to move from reactive patching to continuous, automated offensive validation. 📍 Stand E1-11-F — CFI Pod 🗓️ Forum InCyber 2026 — Lille Grand Palais, France 🔗 https://lnkd.in/e97BefFP If you're attending and want to connect, drop us a message! we'd love to chat firmware security, fuzzing, and offensive automation. #ForumInCyber #FIC2026 #CFI #CybersecurityForIndustry #FuzzingLabs #FuzzForge #OffensiveSecurity #IoTSecurity #Fuzzing

🚀 New Training Released - Masterclass: Scapy for Offensive Security We’re excited to announce our new intensive online workshop: 👉 Masterclass Scapy: From Packet Crafting to CVE Reproduction Scapy is one of the most powerful tools for offensive security engineers. In this hands-on masterclass, we go far beyond basics. 🔬 What you’ll learn: • Deep packet manipulation (crafting, editing, decoding) • Real network interactions (send/receive, protocol analysis) • Building and fuzzing a DNS server with Scapy • Introduction to differential fuzzing • Reproducing real-world CVEs using Scapy • Understanding buffer overflows and parsing vulnerabilities This workshop is designed for security engineers, researchers, red teamers, and anyone who wants to level up their network protocol exploitation skills. 💻 Fully online 🧠 Intensive & hands-on 🎯 Focused on offensive use cases If you’re serious about protocol fuzzing and vulnerability research, this masterclass is for you. 🔗 Learn more & enroll: https://lnkd.in/eZfe2mrN #FuzzingLabs #Scapy #OffensiveSecurity #Fuzzing #NetworkSecurity #CVE #RedTeam #CyberSecurity

🇨🇦 FuzzingLabs at REcon Montréal 2026 - 3 Advanced Trainings in June We’re excited to announce that FuzzingLabs will deliver three in-depth trainings at REcon Montréal 2026, taking place June 15-18 in Montréal, Canada. This year, our instructors will cover modern offensive security challenges, from secure systems programming to reverse engineering and real-world IoT exploitation. 🧠 Our trainings at REcon 2026: 🔹 Rust Development for Cyber Security Learn how to build real defensive security tools in Rust through hands-on incident response, malware analysis, memory forensics, and detection engineering. 🔹 Reversing Modern Binaries: Practical Rust & Go Analysis A deep dive into reversing modern Rust and Go binaries, combining tooling, techniques, and advanced malware analysis across both ecosystems. 🔹 Attacking Real-World IoT and Embedded Devices Hands-on exploitation of real consumer and enterprise IoT devices using firmware analysis, emulation, fuzzing, and binary exploitation with targets inspired by real Pwn2Own-style scenarios. These are 4-day, highly practical trainings, designed for security engineers, reverse engineers, and researchers who want skills they can apply immediately. 📍 REcon Montréal 2026 📅 June 15-18, 2026 🔗 Full details & registration: https://lnkd.in/ecQ3uer8 See you in Montréal 👋 #REcon2026 #FuzzingLabs #OffensiveSecurity #ReverseEngineering #RustLang #GoLang #IoTSecurity #EmbeddedSecurity #CyberSecurityTraining

🚀 New Course Released: Fuzzing #Windows Userland Applications (3-Day Certified Training) This is our most advanced Windows-focused training yet built for security engineers, VR researchers, and pentesters who want to master real-world fuzzing on targets like WinRAR, IrfanView, PDF-XChange, and Assault Cube, using tools such as winAFL, Jackalope, Lighthouse, and WTF snapshot fuzzing. You’ll learn how to: - Build and optimize fuzzing harnesses - Rediscover real vulnerabilities & triage crashes - Perform deep coverage analysis - Apply grammar-based & snapshot fuzzing techniques - Analyze complex Windows binaries without symbols This training was delivered at #Zer0Con, and is now available to everyone. For the release, we’re offering a 15% discount for the first 10 students. 🎟️ Code: WINFUZZ15 👉 Link: https://lnkd.in/e93EHhgS

Last week, Patrick Ventuzelo our CEO and the team were at European Cyber Week - Official page in Rennes, and it was an amazing experience. Three intense days meeting great people, sharing ideas, and presenting FuzzForge to dozens of teams who were genuinely excited about the project. Huge thanks to everyone who came by our booth! your feedback and energy were incredible. 👉 Explore FuzzForge: https://lnkd.in/eFND5NgA

Happy and proud to launch two new training/bootcamps in partnership with ESIEA - École d'Ingénieur·e·s d'un numérique utile !!! We will teach applications and mobile security Heureux/impatient de lancer deux nouvelles formations sur le coeur de cible de FuzzingLabs: la sécurité de nos applications et de nos mobiles"

🚀 Big news from FuzzingLabs Academy We’re expanding our training lineup with a brand new format: Masterclasses 🎓 Short, ultra-focused sessions on cutting-edge security topics, perfect to boost your skills fast! 📅 Our Q4 2025 Course Lineup is live: - Fuzzing Windows Userland Applications (Training) - Scapy for Vulnerability Research (Masterclass) - Intro to Cryptographic Hashing (Masterclass) - Reversing Modern Binaries: Rust (Training) - Reversing Modern Binaries: Go (Training) - Applied AI/LLM for Android APK Reversing (Training) - Ollama Vulnerability Research (Masterclass) 🔥 Pre-sales are now open with 20% discount with the code: PRESALE2025 👉 Reserve your spot: https://lnkd.in/euB_uujn #FuzzingLabs #Cybersecurity #Fuzzing #ReverseEngineering #AI #LLM #AppSec

Almost 150 star, 15 forks on Github ans 70+ people on our dedicated discord! Github project: https://lnkd.in/eDxAUdT3 Thanks for all the support!