To automatically find vulnerabilities, the presenter will discuss a technique MalwareBytes created that utilizes some of their reverse engineering techniques/tools and combines them with advanced fuzzing methods such as dynamic taint analysis and symbolic execution to automate identifying binary vulnerabilities. It uses in-line function hooking and recreates type information from binaries that do not have source code.
Learning Objectives: 1: Learn how to fix vulnerabilities. 2: Understand how to find vulnerabilities. 3: Learn about unique and novel approaches to vulnerability discovery.