Bugs Ruin Everything - Keynote on Vulnerability Analysis and Exploitation

Bugs Ruin Everything - Keynote on Vulnerability Analysis and Exploitation

OWASP Foundation via YouTube Direct link

An iOS 5.0 code signing bug

30 of 35

30 of 35

An iOS 5.0 code signing bug

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Bugs Ruin Everything - Keynote on Vulnerability Analysis and Exploitation

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Welcome!
  3. 3 Venue Floorplan
  4. 4 Keynote speakers
  5. 5 Keynote introduction
  6. 6 About me
  7. 7 Overview
  8. 8 How do I find bugs?
  9. 9 Factors in Choosing an Application
  10. 10 Distribution of Applications
  11. 11 Difficulty of Exploitation
  12. 12 Security of Software
  13. 13 Methods of Vulnerability Analysis
  14. 14 Weaknesses of Static Analysis
  15. 15 Failures of Static Analysis
  16. 16 Dynamic Analysis, aka "Fuzzing"
  17. 17 Failures of Dynamic Analysis
  18. 18 What do I do? Given enough time...
  19. 19 Advantages
  20. 20 Case study
  21. 21 Instrument webkit
  22. 22 Run the test suite
  23. 23 Fuzzing PCRE
  24. 24 A small auth server
  25. 25 Getting Control
  26. 26 A "Good" Crash
  27. 27 The Corresponding HTML
  28. 28 Getting PC
  29. 29 Shellcode
  30. 30 An iOS 5.0 code signing bug
  31. 31 Running unsigned code
  32. 32 Apple review process
  33. 33 The Daily Hoff
  34. 34 Instastock
  35. 35 Conclusions

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.