7 months ago
[This post was last modified: 6 months ago by Sauron ]
Vulnerability Research & Fuzzing
A complete introduction to 0-day discovery for Windows targets, focusing on closed-source real-world software, including kernel modules and user code.
Learn about snapshot-fuzzing real-world Windows targets & finding logic 0-days.
Who should take this course?
Anyone looking to get into Windows vulnerability research and fuzzing. Although many of the concepts and approaches taught can be used for fuzzing on other platforms (macOS, Linux, etc.), all the exercises will focus on Windows. Also useful for red-teamers looking to add zero-days to their arsenal (with a dedicated section on finding quick 0-days on time-limited engagements).
Most topics are beginner friendly and assume limited or no prior experience with modern fuzzing approaches and Windows vulnerability research, with advanced topics (hypervisors & emulators, for example) presented in an easy-to-understand manner.
Course Syllabus
Core Windows Internals & Fuzzing Theory (Key Knowledge):
Introductory Hands-On Fuzzing
Debugging & Crash Analysis (Bug Analysis):
Advanced Fuzzing w/ Real Targets
Advanced Fuzzing Continued (Snapshots, Custom Techniques)
Fast 0-days & Logic Bugs (Bug Discovery):
Zip Passwords: LeakForum.io




