AI Agents for Cybersecurity

4800€ | 6th to the 9th of October 2025

This class is designed to introduce students to the most effective tools and techniques for applying cutting-edge deep learning–based artificial intelligence to cybersecurity tasks. By leveraging AI-driven automation, students will explore new ways to enhance security workflows and optimize vulnerability research. We will take a deep dive into modern AI architectures, focusing on how deep learning models can assist in areas such as malware analysis, reverse engineering, vulnerability research, and penetration testing. Students will learn to train, fine-tune, and apply large language models (LLMs) to solve real-world cybersecurity challenges, integrating AI-driven solutions into their daily operations. The course will provide hands-on experience with model training, embeddings, vector search, and agents for fuzzing, source code auditing, voice cloning, website penetration testing, and more! Through practical exercises, students will gain proficiency in using AI to automate security tasks. By the end of the course, attendees will have the skills and knowledge to incorporate deep learning–based AI solutions into their cybersecurity workflows, enhancing both efficiency and effectiveness.


Objectives of the training

Gain a fundamental understanding of how modern AI models achieve capabilities such as text completion, data classification, summarization, and analytical tasks

Learn the tools and process for training new models, specializing and improving existing models, and evaluating model capabilities on downstream tasks

Understand how to leverage embeddings and vector search to give models access to proprietary or new information not available during training

Leverage deep learning for tasks related to reverse engineering and vulnerability research

The trainer

Who will run this training?

Richard Johnson

FUZZING IO

Richard Johnson is a computer security specialist with a focus on fuzzing and software vulnerability analysis. Richard has been a training instructor since 2017 and is the founder of FUZZING IO, a research and development company offering professional training and consulting services. Richard offers over 20 years of professional expertise and leadership in the information security industry. He was previously Director of Security Research at Oracle Cloud, leading software and hardware vulnerability research teams, and founder of the VulnDev team at Cisco Talos, which finds hundreds of zero-day vulnerabilities each year. Richard has delivered training and presented annually at premier industry conferences for over two decades, including Black Hat, Defcon, OffensiveCon, RECON, CanSecWest, and many more.

Syllabus

What will we do?

Deep Learning Fundamentals

  • Model Architectures: SVM, CNN, LSTM, RNN, Transformers
  • Tokenizers and Embeddings
  • Deep dive on Transformer models
  • Training a nanoGPT model from scratch

Data Analysis and Search

  • Embeddings and Vector Search
  • Retrieval Augmented Generation (RAG) Systems
  • Malware classification and clustering

Reverse Engineering

  • LLM assisted disassembly and decompilation
  • Symbol recovery and code annotations

Code Auditing

  • Writing a custom model eval benchmark
  • Using vector search to identify patterns in code that may be vulnerable or malicious
  • Generating pattern matching signatures to hunt for code that is similar to known vulnerable code patterns (using weggli or semgrep as tools to do the pattern matching)

Fuzzing

  • Intro to fuzzing with AFL++
  • Fuzz harness generation with LLMs
  • Crash analysis and processing with LLMs

Web App Testing

  • Agentic systems with goal seeking, function calling, and tool use
  • Using LLMs to automate web site penetration testing tools

Social Engineering

  • Voice cloning
  • Audio CAPTCHA bypass
  • Voice Menu System navigation

LLM System Tuning and Enhancement

  • Methods for fine-tuning
  • SFT, RLHF, DPO
  • Reinforcement learning using reward systems

Audience and prerequisites

This class is meant for professional developers or security researchers looking to add deep learning–based AI automation to cybersecurity domains. Students wanting to learn a programmatic, tool-driven approach to incorporating the latest artificial intelligence capabilities into their daily work will benefit from this course.

Students should be prepared to tackle challenging and diverse subject matter and be comfortable writing functions in Python and C. Exercises involve using Python libraries or frameworks to write LLM-enhanced tools and simple harnesses for C libraries. Attendees should also have basic experience with the high-level applied topics such as reverse engineering, code auditing, fuzzing, and web penetration testing.

Hardware/Software requirements

This class will be using Python 3.10+ and LLVM/Clang on amd64 Linux. A preconfigured VMware Workstation VM will be provided, as well as an amd64 Linux Docker image. We will also use Google Colab notebooks for free online GPU resources. Students should have a working Google account with Google Colab access. Further instructions will be communicated prior to class.
