Completed
Google Project Zero
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
The Aftermath of a Fuzz Run - What to Do About Those Crashes?
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 NeXT, Apple, Weblogic, BEA Systems, Azul Systems
- 3 1 Introduce/Review Memory Corruption Bugs 2 A Post Fuzz Run Workflow 3 Real World Examples
- 4 Invalid Reads/Writes
- 5 Stack vs Heap Corruption
- 6 Use After Free
- 7 Other Memory Bugs
- 8 b: What is Exploitability?
- 9 Re-programming with input data- not code
- 10 Does "exploitability" matter?
- 11 Google Project Zero
- 12 Many modern exploits are bug chains
- 13 Surprisingly Exploitable
- 14 C-Ares / Chrome OS Remote Code Execution
- 15 Section 1c: Memory Corruption Mitigations
- 16 ASLR Address Space Layout Randomization
- 17 DEP Data Execution Prevention
- 18 Minimize the Corpus of Crashes
- 19 b: Memory Corruption Analysis Tools
- 20 Valgrind (memcheck)
- 21 Section 2c: Determine Exploitability / Find the Root Cause
- 22 Disable ASLR
- 23 Identify critical memory locations
- 24 PHP: Low invalid read
- 25 Netflix Dynomite: Invalid Write
