The workshop introduces participants, in a hands-on way, to the best methods and tools for automatic vulnerability detection and bug analysis in software.
We start by building an understanding of the underlying techniques: binary analysis, hunting for the various classes of vulnerabilities, and debugging. We then dig into practical fuzzing and into the bugs that keep programmers awake at night because they only show up non-deterministically. Participants will learn techniques for analysing application weaknesses, writing input grammars, and building test corpora that reliably produce interesting results.
Once the fundamentals of bug hunting are in place, we move on to automating vulnerability analysis and debugging so that the defective parts of the code are located quickly.
The training focuses on the x86/x64 architecture, on attacking projects that process data in various formats (text and binary), and on network fuzzing on Windows and Linux.
Syllabus
- Why should you look for security vulnerabilities?
- Why is it worth doing with fuzzers and automated methods?
- The most common security problems in software and mitigation mechanisms
- Vulnerability classes
- Protection mechanisms
- Vulnerability research workflow
- Eight fuzzing laws
- Fuzzers under the hood, and the many names a fuzzer goes by
- Guided fuzzing
- Dumb fuzzing
- Smart fuzzing
- Mutation based fuzzing
- Generation based fuzzing
- Hypervisors specializing in fuzzing
- Fuzzing = Unit Tests with DeepState?
- Anti-fuzzing
- Introduction to fuzzing on GNU/Linux
- How to find a promising component to attack?
- Code coverage: how to measure it and how it evolves during a campaign
- Whitebox attacking
- Greybox attacking
- Blackbox attacking
- Fuzzing on Windows and Linux
- Other dimensions of fuzzing
- Large scale fuzzing
- Static code analysis
- Make vulnerability reporting great again!