YoVDO

Detecting Bugs Using Decompilation and Data Flow Analysis

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Software Development Courses Cybersecurity Courses Static Analysis Courses Decompilation Courses Binary Analysis Courses

Course Description

Overview

Explore a comprehensive presentation from Black Hat USA 2013 on Bugalyze.com, a free online web service for detecting software bugs and vulnerabilities through static analysis of binary executables. Discover how this innovative tool combines decompilation and data flow analysis to uncover issues like use-after-frees and double frees. Learn about the system's architecture, consisting of over 100,000 lines of C++ code and a scalable, load-balanced multi-node Amazon EC2 cluster. Gain insights into Bugwise's development process and its successful application in finding real bugs and vulnerabilities in Debian Linux, including double free, use-after-free, and numerous getenv(,strcpy) bugs discovered through scanning the entire Debian repository.

Syllabus

Black Hat USA 2013 - Bugalyze.com - Detecting Bugs Using Decompilation and Data Flow Analysis


Taught by

Black Hat

Related Courses

Threat Hunting with Yara
Pluralsight Reverse Engineering 3201: Symbolic Analysis
OpenSecurityTraining2 via Independent Firing Rounds at the Analysis Shooting Gallery - CSAW'16 Security Workshop
New York University (NYU) via YouTube angr: Binary Analysis Framework - Demonstration and Analysis
New York University (NYU) via YouTube Debin: Predicting Debug Information in Stripped Binaries
Association for Computing Machinery (ACM) via YouTube