Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Contemporary Automatic Program Analysis

Black Hat via YouTube

Overview

Explore the world of contemporary automatic program analysis in this 42-minute Black Hat conference talk by Julian Cohen. Delve into the history of program analysis, tracing its evolution from manual techniques to automated methods for discovering vulnerabilities and reasoning about code. Learn how to leverage existing program analysis tools and techniques to automatically find vulnerabilities in various systems. Discover the cutting-edge advancements in the field, including how minor modifications to existing projects and small scripts can lead to world-class vulnerability discoveries. Gain practical insights through code examples and demonstrations, covering topics such as metacharacter injection, command injection, type confusion, buffer overflow, and symbolic execution. Access accompanying online reference material to further enhance your understanding of automatic program analysis and its applications in cybersecurity.

Syllabus

Introduction
Julian Cohen
Program Analysis
Vulnerability Research
Vulnerability Discovery
Presentation Goal
Metacharacter Injection
Command Injection
Type Confusion
Implicit Type Conversion Vulnerability
Implicit Type Conversion
Buffer Overflow
Rats
FAL Grind
BAL Grind
QuickSEC
After Free Vulnerability
Aurora Center
Aurora UAF
Symbolic Execution
Constraint Solving
Klee
CLE
CLE Demo
Symbolic Execution Engines
Static Analysis Platforms
Conclusion
Thanks
Questions

Taught by

Black Hat

Reviews

Start your review of Contemporary Automatic Program Analysis

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.