WINSLØW.IO

Advanced Cybersecurity Trainings

Hands‑on offensive security courses for engineers

Small groups, real targets, and modern techniques you can apply immediately at work. Private sessions available on‑site worldwide.

Explore the catalog Get a quote
Instructor‑led BYOLab • Certificate of completion
$ fuzz build --target java [+] instrumenting classes with Jazzer [+] linked sanitizers: ASan, UBSan [+] seed corpus: 2.1k inputs • coverage: 82.3% [!] crash found: IllegalStateException in PNGDecoder.java:214 → reproducer saved to artifacts/2025-09-18T10-21
Offline
Format
Realistic
Scenarios
Hands‑on
Labs

Training catalog

Start with our flagship course today. More topics are added over time; ask for a custom track for your team.

Advanced Java Fuzzing Techniques

Level Intermediate

A deep, practical dive into fuzzing managed Java targets using Jazzer, corpus design, sanitizers, and crash triage for real-world software.

  • Corpus mgmt, mutation strategies, coverage
  • Source & dynamic instrumentation
  • Jazzer deep-dive (hooks, adapters, filters)
  • Crash reproduction, minimization, sanitizers
View syllabus Upcoming dates
3 days
CHF 1,950 / seat

Audience & outcomes

  • For developers, SREs, and security engineers with Java experience.
  • Build a fuzzing harness, design a corpus, and triage crashes.
  • Integrate fuzzing into CI and measure coverage effectively.
  • Leave with working harnesses and reproducible PoCs.
Format: 3 days • 70% labs • Bring your own laptop (Docker/Java 17)
Fuzzing fundamentals
  • Corpus design & mutation
  • Coverage-guided fuzzing
  • Manual fuzzing & basic mutators
Tools overview
  • AFL basics & modes
  • LibFuzzer mindset
  • Structure-aware fuzzing
Java-specific fuzzing
  • JVM/bytecode refresher
  • Jazzer internals & hooks
  • Sanitizers & crash triage

Offensive Security Awareness Training

Level Beginner

Demo-driven, vendor-neutral awareness for mixed audiences. Participants learn how attackers think, how common kill-chains unfold, and how to spot & avoid sophisticated traps targeting them and their organization.

  • Attacker mindset & modern kill-chains
  • OSINT (what’s already exposed about you/org)
  • Phishing & social engineering patterns
  • Passwords, 2FA, device hygiene
  • Remote work & BYOD risks
  • Physical security & insider threats
View syllabus Upcoming dates
5 hours
On request

Audience & outcomes

  • Engineering, ops, product, sales, HR, leadership
  • Spot high-risk signals in email, web, and messaging
  • Reduce oversharing and inadvertent data leaks
  • Apply practical safeguards at work and home
Format: 5 hours • Interactive talk + live demos + quizzes (no prior security background required)
Foundations & Threats
  • Common attack goals & paths
  • Assets that matter (IP, creds, data)
  • “Why me?” (motivation & incentives)
OSINT & Recon
  • Company site & public docs
  • Dorks, archives, registers, WHOIS
  • Leaks & credential exposures
Social Engineering
  • (Spear-)phishing via mail, SMS, voice
  • QR codes, USB drops, rogue APs
  • Red flags & verification habits
Protection Basics
  • Password strength & managers
  • 2FA and recovery hygiene
  • Staying up-to-date
Physical & Insider
  • Badge tailgating & visitor policy
  • Device/desk security
  • Insider risk examples
End-to-End Walkthrough
  • Recon → initial access → impact
  • Containment & reporting flow
  • Q&A

Upcoming sessions

Public dates listed below. Want a private delivery? Request three proposed dates and a quote.

Training Date Location Price
Advanced Java Fuzzing Techniques 2026-01-28 Zurich, CH CHF 1,950 Register
Capacity
8–16 participants (recommended)
Delivery
On‑site worldwide or virtual live
Languages
English • Français • Русский

Your instructors

Security researchers with a decade in offensive R&D and teaching.

Roland Sako
Security Researcher • Trainer

Firmware, fuzzing, and hardware security. Speaker at BSides and university programs.

Sergey Temnikov
Security Researcher • Trainer

Java internals, Jazzer contributor, and vulnerability research in complex systems.

Trusted by engineers from… (add logos here)

FAQ

What is the required background?

Comfort with Java and the command line. Basic testing experience helps.

What do participants need to bring?

A laptop with Docker and Java 17 installed. We provide lab images.

Do you offer private deliveries?

Yes—on‑site worldwide or remote. We tailor the syllabus to your codebase.

Can you issue invoices to the EU/CH/US?

Yes. We are a Swiss company and can invoice internationally.

Request a quote or public date

Tell us about your team and preferred timeline. We reply within one business day.

Contact

  • trainings@winsl0w.io
YouTubeLinkedInTwitterGitHub