YoVDO

All Your -Data-base Are Belong To Us

Offered By: HackerOne via YouTube

Tags

H@cktivitycon Courses Reverse Engineering Courses Fuzzing Courses Binary Exploitation Courses

Course Description

Overview

Explore the world of vulnerability research and code execution bugs in office applications through this 24-minute conference talk by @spaceraccoon from HackerOne. Dive into the speaker's journey of discovering and exploiting zero-days, learning about fuzzing, source code review, and reverse-engineering techniques. Gain insights into getting started with software vulnerability research, focusing on parsing and processing various file formats in modern office applications. Discover simple approaches to vulnerability research, suitable for researchers curious about binary exploitation, with minimal background knowledge required. Follow along as the speaker covers topics such as DBF documentation, fuzzing templates, triage mechanisms, and exploit examples, including a case study on Apache OpenOffice vulnerabilities and the disclosure process.

Syllabus

Introduction
Who am I
What is Vulnerability Research
What is VR
Skills required
Getting started in VR
DBF Documentation
Fuzzing Template
Triage Mechanism
Zero One Zero Editor
Exploit Example
Dumb Fuzzing
Apache Open Office
Inline Validation
Bypassing DEP and ASR
Rob Chains
Cve202133035
Disclosure
Patch
Summary
Announcement
Govtech Vulnerability Rewards
Outro


Taught by

HackerOne

Related Courses

Applied ChatGPT for Cybersecurity
Infosec via Coursera
Become an Influencer at Work
CreativeLive
Fundamentos de Ciberseguridad: un enfoque práctico
Inter-American Development Bank via edX
Advanced Malware Analysis: Redux
Cybrary
How to Use GDB (BSWJ)
Cybrary