Completed
Failures of Static Analysis
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Bugs Ruin Everything - Keynote on Vulnerability Analysis and Exploitation
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Welcome!
- 3 Venue Floorplan
- 4 Keynote speakers
- 5 Keynote introduction
- 6 About me
- 7 Overview
- 8 How do I find bugs?
- 9 Factors in Choosing an Application
- 10 Distribution of Applications
- 11 Difficulty of Exploitation
- 12 Security of Software
- 13 Methods of Vulnerability Analysis
- 14 Weaknesses of Static Analysis
- 15 Failures of Static Analysis
- 16 Dynamic Analysis, aka "Fuzzing"
- 17 Failures of Dynamic Analysis
- 18 What do I do? Given enough time...
- 19 Advantages
- 20 Case study
- 21 Instrument webkit
- 22 Run the test suite
- 23 Fuzzing PCRE
- 24 A small auth server
- 25 Getting Control
- 26 A "Good" Crash
- 27 The Corresponding HTML
- 28 Getting PC
- 29 Shellcode
- 30 An iOS 5.0 code signing bug
- 31 Running unsigned code
- 32 Apple review process
- 33 The Daily Hoff
- 34 Instastock
- 35 Conclusions