Finding 0days

This four-day class teaches the process of binary auditing. It introduces the various bug types and how to discover them using Immunity Debugger, a debugger built for vulnerability development. Introductory theory is accompanied by hands-on labs in finding bugs and in scripting the debugger to automate the audit process.

Class Outline
  • Basics
    • i386 assembly for Auditing
    • Calling Conventions
    • Immunity Debugger basic scripting and APIs
  • Introduction to Auditing for Vulnerabilities
    • Memory Corruption
      • Where is the buffer located?
      • How many bytes can we write?
      • What data are we corrupting?
    • Dangerous APIs
      • the Win32 API (from an auditor's perspective)
    • Unicode vs. ASCII
    • Integer Under/Overflow
  • Focused Audit
    • MSRPC
    • ActiveX
    • C++ common bugs
    • Protocols
  • Fuzzing
    • Concepts
    • Using SPIKE
Prerequisites
  • Basic Python programming skills
  • Basic debugging knowledge
  • A laptop with Windows XP or 2000 (as a host or as a guest image)

These topics will be taught to the class in an entirely hands-on, lab-oriented fashion.

The instructors for this class include some of the world's best exploitation and vulnerability analysis experts, who will guide you through your studies and provide a path for future development. This class is often taught in conjunction with the other Windows exploitation classes.