To automatically find vulnerabilities, the presenter will discuss a technique MalwareBytes created that utilizes some of their reverse engineering techniques/tools and combines them with advanced fuzzing methods such as dynamic taint analysis and symbolic execution to automate identifying binary vulnerabilities. It uses in-line function hooking and recreates type information from binaries that do not have source code.
1: Learn how to fix vulnerabilities.
2: Understand how to find vulnerabilities.
3: Learn about unique and novel approaches to vulnerability discovery.
Exploits; vulnerability assessment; reverse engineering; software development.