Reverse Engineering & Bug Hunting Trainings Class @ CSW

Hey all,

Sebastian and me will be teaching a bug hunting / reverse engineering trainings class at CanSecWest. With the increased sophistication of both exploitation mitigations and simple static checkers, aquiring an understanding of a piece of software when performing vulnerability research is getting more and more important. In our class, we’ll teach techniques that help you become faster and more productive when reverse engineering. Concrete examples will be worked through for every abstract concept.

Things that we’ll do in this class:

  • Generate full UML class diagrams from Acrobat Reader (UML generation from RTTI information)
  • Understand Acrobat Readers Javascript implementation – by porting information from Spidermonkey (Symbol Porting)
  • Isolating complicated parsing code through differential debugging
  • Use lots of Python to extend both IDA and BinNavi – use REIL to perform common tasks
  • Read security updates

You can sign up for the class here.