Explore advanced exploit generation and JavaScript analysis automation techniques using WinDBG in this 32-minute Hack.lu 2016 conference talk. Dive into two powerful topics: automating the entire exploit development process from a POC BoF exploit, and implementing a mechanism to analyze obfuscated JavaScript malware without triggering anti-debugging techniques. Learn how to streamline exploit creation and gain deeper insights into malicious JavaScript code through practical demonstrations and expert insights from security professionals Fitzl Csaba and Miklos Desbordes-Korcsev. Discover innovative approaches to overcome common challenges in exploit writing and malware analysis, and understand the potential of WinDBG automation for enhancing your cybersecurity toolkit.
Exploit Generation and JavaScript Analysis Automation with WinDBG
Overview
Syllabus
Intro
CSABA FITZL
MIKLOS DESBORDES-KORCSEV
EXPLOIT WRITING CHALLENGES
EXPLOIT WRITING METHODOLOGY - BOF
THE TOOL
THE LOGIC
WHAT HAS TO BE CHANGED
BROWSER EXPLOIT REVERSING CHALLENGES
BROWSER EXPLOIT REVERSING METHODOLOGY
THE TASK
FINDING THE PEEKING HOLE
AUTOMATING THINGS
FUTURE PLANS
Taught by
Cooper
