YoVDO

Hunting for Bugs, Catching Dragons

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Exploit Development Courses Bug Hunting Courses Attack Surface Analysis Courses

Course Description

Overview

Explore the world of email client and server vulnerabilities in this 43-minute Black Hat conference talk. Delve into research conducted at Microsoft on Outlook and Exchange, uncovering potential attack vectors and bugs in targets without scripting capabilities. Learn about identifying valid entry points, understanding the attack surface, and discovering "scary dragons" in email exploits. Examine specific vulnerabilities such as RTF issues, audio objects, invoke monikers, and Windows chat links. Gain insights into bug fixes, common marshalling techniques, and Exchange-specific vulnerabilities. Equip yourself with knowledge to hunt for bugs and catch dragons in email security landscapes.

Syllabus

Introduction
Email Exploits
Attack Surface
Why Im doing this
TAF
RTF Issues
Video Interrupt
Audio Objects
Invoke monikers
Windows chat links
Video controller
Bug fixes
Common marshalling
Exchange
XR PCM
PostReply
Conclusion


Taught by

Black Hat

Related Courses

Introduction To Ethical Hacking
Codecademy Reverse Engineering 3201: Symbolic Analysis
OpenSecurityTraining2 via Independent Ethical Hacking Course For Beginner In Hindi
Udemy اختبار اختراق المواقع بالعربي
Udemy Cyber Security Course دورة الأمن السيبراني الشاملة
Udemy