By the end, you’ll not only understand how emulators work—you’ll be able to build, modify, and analyze them for research, debugging, and vulnerability discovery.

The course combines hands-on labs, in-browser exercises, and conceptual lectures to bridge theory and practice, preparing students to tackle topics such as system emulation, hardware-assisted execution, and fuzzing of embedded targets.

You will start by understanding what emulation truly means—how software can imitate hardware—and progressively build your own 8-bit CPU emulator in Python (SimpleProc-8), extend it with interrupts, I/O, and MMIO, and finally instrument real-world emulators like QEMU.

This course explores the fascinating world of emulation, guiding learners from the fundamentals of CPU design to the internals of QEMU and advanced instrumentation techniques.

This captures current and future plans for classes involving security in the deep-dark of firmware! But Binarly is starting to give visibility into what's going on there with their binary analysis platform.

You could use the OST1 Rootkits class (opensecuritytraining.info/Rootkits.html) as a starting template, since that's the whole point of making the materials under CC licenses. Xeno Kovah isn't planning on updating it as he's off in Bluetooth world now.

As always, the recommendation is for students to take the class as it's meant to be seen at ost2.fyi/Fuzz1001 where you get lab instructions, etc.

PDFs are vector-based for full quality when zooming, and have click-to-go-to-class links

Designed for developers, security engineers, and researchers, the course covers both foundational TPM 2.0 concepts and practical hands-on development techniques for interacting with TPM hardware and simulators. This class has a median completion time of 13 hours.