English | Size: 634.2 MB
Genre: eLearning
If you want to “have” your CVE, you’ve come to the right place! The workshop introduces participants, in a practical way, to the best methods and tools for automated vulnerability detection and bug analysis in software.
We begin by building an understanding of the techniques: binary analysis, searching for various types of vulnerabilities, and debugging. We dig into practical fuzzing and into the bugs that keep programmers awake at night because they occur non-deterministically. Participants will learn techniques for analyzing application weaknesses, writing grammars, and obtaining test corpora that guarantee exciting results.
Once the fundamentals of bug hunting are understood, we move on to automating vulnerability analysis and debugging so that defective code is found quickly.
The training focuses on the x86/x64 architecture and on attacking projects that process data in various formats (text, binary), as well as network fuzzing on Windows and Linux platforms.
Course Content
Why should you look for security vulnerabilities?
Why is it worth doing with fuzzers and automated methods?
The most common security problems in software and mitigation mechanisms
Vulnerability classes
Protection mechanisms
Vulnerability research workflow
Eight fuzzing laws
Fuzzers under the hood, and the many names for fuzzers
Guided fuzzing
Dumb fuzzing
Smart fuzzing
Mutation based fuzzing
Generation based fuzzing
Hypervisors specializing in fuzzing
Fuzzing = Unit Tests with DeepState?
Antifuzzing
Introduction to fuzzing on GNU / Linux
How to find a promising component to attack?
Evolution and measurement of code coverage
Magic numbers and the fuzzer: how to deal with them?
Generating and hand-crafting test cases with better code coverage
Whitebox attacking
AFL ++
Honggfuzz
LibFuzzer – function level testing
Writing your LibFuzzer fuzzer
ClusterFuzz & OSS-Fuzz from Google
Fuzzing C# and Python projects
Greybox attacking
What is greybox attacking?
AFLSmart
Blackbox attacking
AFL++ and honggfuzz with QEMU
Introduction to fuzzing on Windows
Differences between fuzzing on Windows and Linux
WinAFL
Other dimensions of fuzzing
ROI prediction with Pythia – When does fuzzing stop paying off?
Network fuzzing without network? Yes, of course!
Hybrid fuzzing with Symbolic / Concolic Execution
Artificial intelligence in the service of bughunting
Large scale fuzzing
Fuzz-Driven Development
FuzzManager
Integration of FuzzManager with AFL / Honggfuzz / LibFuzzer
Code coverage testing for FuzzManager
Grouping duplicates using signatures
Static code analysis
It’s 2020: is it still worth it?
cppcheck vs. Clang Static Analyzer
Verification of found issues with AFLGo
Static analysis as the first step to manual code review?
Make vulnerability reporting great again!
Vulnerability analysis
Sanitizers (ASAN, MSAN, UBSAN, TSAN)
Valgrind
DrMemory
What should a reliable vulnerability report contain?
A selection of interesting vulnerability cases
Determining bug criticality
How to do it as efficiently and painlessly as possible?
Working with non-deterministic code failures
Debugging with rr
Target Audience
IT security specialists and pentesters, programmers and testers;
IT security researchers;
providers of IT security solutions;
IT security enthusiasts;
everyone who is thinking about a career in the field of offensive application security!