Exploiting 10x Faster: AI Agents for Vulnerability Finding and Exploitation // Omri Ben-Bassat, Vladimir Tokarev

Virtual | October 26-31 | 32 Hours

BOOK NOW

ABSTRACT

This 32 hour training is built for experienced vulnerability researchers who want to bring the latest AI Agents, frontier models, Skills, Subagents, and Model Context Protocol (MCP) tooling into their workflow to accelerate reverse engineering, vulnerability finding, and exploit development. Through focused lectures and hands-on labs, you’ll use agentic workflows to explore large codebases, surface high-impact bugs, speed up crash triage, and automate reversing and debugging tasks with MCP-enabled Ghidra, IDA Pro, and GDB.

You’ll design and build a vulnerability-finding Multi-Agent System using Skills and Subagents, then use it to discover vulnerabilities in a real-world open-source USB stack. Later in the course, we’ll put everything together in a separate end-to-end summary exercise based on a real-world VM escape vulnerability, where you’ll map attack surfaces, analyze bugs, and develop a working exploit using AI-assisted workflows.

Students leave with practical checklists, repeatable automation patterns, and modern techniques that compress weeks of research into days. Cursor accounts and tooling are provided, though Claude Code users are also welcome. No prior AI experience is required.

INTENDED AUDIENCE

This course is designed for experienced vulnerability researchers with a solid background in reverse engineering and low-level software exploitation who want to get into agentic vulnerability research workflows.

BOOK NOW

COURSE OUTLINE

Module 1 - AI-Assisted Reverse Engineering and Debugging

  • Introduction to AI agents, Skills, MCPs, and practical offensive security workflows
  • Automating reverse engineering and debugging tasks with Cursor, Ghidra or IDA Pro, and GDB
  • AI-assisted crash triage, binary analysis, and memory corruption debugging workflows
  • Short focused lectures combined with quick, hands-on exercises throughout the module

Module 2 - Multi-Agent Vulnerability Finding Harnesses

  • Designing and building Multi-Agent Systems (MAS) for automated vulnerability research
  • Using Skills and Subagents for code exploration, fuzzing harness generation, vulnerability finding, and automated triage
  • Hands-on exercises targeting a real-world open-source USB stack

Module 3 - AI-Assisted Exploit Reproduction and Research Environments

  • Building automated IoT vulnerability research lab environments with AI agents using Docker and QEMU
  • Reproducing and debugging a real-world embedded device exploit from public research
  • Using prompting strategies, context management, and Subagents to automate firmware extraction, environment setup, and exploit adaptation
  • Hands-on exercises focused on fixing incomplete PoCs and learning real-world offensive security research workflows

Module 4 - End-to-End Exploitation and Summary Exercise

  • Full end-to-end exploitation exercise where you'll develop an exploit from scratch using AI agents against a real-world VirtualBox 1-day vulnerability
  • We'll cover VM escape exploitation concepts, attack surface analysis, and all required background needed to successfully complete the exploitation exercise
  • Instructor walkthrough of the full exploitation workflow used to solve the summary exercise
BOOK NOW

Knowledge Prerequisites

  • Hands-on reverse engineering experience
  • Experience with C/C++ codebases, including manual analysis and debugging
  • Experience using IDA Pro and/or Ghidra
  • Familiarity with debuggers such as GDB or WinDbg
  • A strong understanding of memory corruption vulnerabilities (e.g. UAF, heap/stack overflows, etc.)

No prior knowledge about using AI tooling is required

Hardware Requirements

  • x86-64 system capable of nested virtualization (or access to a remote server)
  • At least 60 GB of free disk space
  • At least 16 GB of RAM

Software Requirements

  • Host OS: Linux or Windows
  • Latest VMWare Workstation (free version)
  • Docker

Students will be provided with

  • Presentation slides and supporting course material
  • Pre-configured course virtual machine with the required tooling and environments
  • Access to the course CTFd platform containing all labs, exercises, and detailed step-by-step instructions
  • Cursor accounts for the duration of the training

We encourage students to arrive with their own Cursor or Claude Code accounts and preferred AI tooling already configured. While we only provide Cursor accounts as part of the training, we fully support Claude Code users and will guide them throughout the course as well.

YOUR INSTRUCTORS: Omri Ben-Bassat and Vladimir Tokarev

Omri Ben-Bassat is a vulnerability researcher specializing in reverse engineering, binary exploitation, and low-level vulnerability analysis, with over a decade of experience working on IoT and embedded systems. He has presented his research at Black Hat USA, Black Hat Asia, and the RSA Conference, and co-taught the “Exploiting 10x Faster” training with Vladimir Tokarev at Black Hat Asia 2026 and TyphoonCon 2026. As part of his more academic research work, Omri will also be presenting at Black Hat USA 2026 on breaking ARM Hardware CFI protections in Linux and Android systems.

Vladimir Tokarev is a Senior Vulnerability Researcher at Cyera with over 11 years of experience in the cybersecurity field. He specializes in vulnerability research across Windows, Linux, IoT, OT, and cloud environments. Vladimir has presented his research at leading industry conferences, including Black Hat USA 2023, Black Hat USA 2024, RSA Conference 2023, and DEF CON Recon Village 2025.

Together, Omri and Vladimir have extensively integrated AI agents, modern LLM tooling, and MCP-based workflows into their vulnerability research process. The techniques and workflows taught throughout this training are based on practical experience applying these tools to reverse engineering, vulnerability discovery, exploit development, and real-world offensive security research.

BOOK NOW
Ringzer0’s Virtual Training Experience & FAQ
What can I expect from a virtual training delivered by Ringzer0, and answers to frequently asked questions.
Ringzer0Ringzer0
Cancellation Policy

Cancellations are not permitted but attendee changes can be accommodated anytime prior to the start of the course.

Note: In the event of a class cancellation, Ringzer0 will endeavor to offer transfer to another training at no additional charge.
FALL:2026 // Virtual Training // October 26-31

OTHER VIRTUAL TRAINING COURSES

Great! Next, complete checkout for full access to Ringzer0
Welcome back! You've successfully signed in
You've successfully subscribed to Ringzer0
Success! Your account is fully activated, you now have access to all content
Success! Your billing info has been updated
Your billing was not updated