Fail Harder - Finding Critical 0-Days in Spite of Ourselves
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the challenging journey of vulnerability researchers and bug hunters in this 38-minute Black Hat conference talk. Delve into the often-overlooked aspects of failure and persistence that lead to discovering critical zero-day vulnerabilities. Learn from real-world examples involving patient monitors, Belkin Wemo Insights Plug, Delta entilibus Building Controller, and Azure Sphere. Gain insights into effective practices such as clean solder work, high-tech approaches, and using Slack for project documentation. Understand the complexities of fuzzing, vendor disclosure, and conference submission feedback. Discover the importance of brute-forcing passwords, treating code as documentation, and managing burnout in the pursuit of uncovering critical security flaws across multiple projects.
Syllabus
black hat
Patient Monitor
Belkin Wemo Insights Plug
Delta entilibus Building Controller
Azure Sphere
Clean solder work
High-tech approach
Slack == Project Documentation
Brute force the password!!!
Code is documentation....
Fuzzing is hard
Vendor Disclosure
Conference Submission Feedback
Watch out for burnout
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube