All Your -Data-base Are Belong To Us
Offered By: HackerOne via YouTube
Course Description
Overview
Explore the world of vulnerability research and code execution bugs in office applications through this 24-minute conference talk by @spaceraccoon from HackerOne. Dive into the speaker's journey of discovering and exploiting zero-days, learning about fuzzing, source code review, and reverse-engineering techniques. Gain insights into getting started with software vulnerability research, focusing on parsing and processing various file formats in modern office applications. Discover simple approaches to vulnerability research, suitable for researchers curious about binary exploitation, with minimal background knowledge required. Follow along as the speaker covers topics such as DBF documentation, fuzzing templates, triage mechanisms, and exploit examples, including a case study on Apache OpenOffice vulnerabilities and the disclosure process.
Syllabus
Introduction
Who am I
What is Vulnerability Research
What is VR
Skills required
Getting started in VR
DBF Documentation
Fuzzing Template
Triage Mechanism
Zero One Zero Editor
Exploit Example
Dumb Fuzzing
Apache Open Office
Inline Validation
Bypassing DEP and ASR
Rob Chains
Cve202133035
Disclosure
Patch
Summary
Announcement
Govtech Vulnerability Rewards
Outro
Taught by
HackerOne
Related Courses
Dal Reverse engineering alla stampa 3DUniversity of Naples Federico II via Federica Rapid Manufacturing
Indian Institute of Technology Kanpur via Swayam Generative Design for Industrial Applications
Autodesk via Coursera Fundamentos de Ciberseguridad: un enfoque práctico
Inter-American Development Bank via edX Functional And Conceptual Design
Indian Institute of Technology Madras via Swayam