YoVDO

ODDFuzz - Hunting Java Deserialization Gadget Chains via Structure-Aware Directed Greybox Fuzzing

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Software Vulnerabilities Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a novel approach to hunting Java deserialization gadget chains through a 34-minute Black Hat conference talk. Dive into the challenges of existing tools in addressing Java deserialization vulnerabilities, including difficulties in balancing precision and recall due to runtime polymorphism and dynamic language features. Learn about ODDFuzz, an innovative method for efficiently and precisely identifying gadget chains. Gain insights from security researchers Biao He, Haowen Mu, and Yu Ouyang as they present their findings on improving automated detection and validation of potential security threats in Java applications.

Syllabus

ODDFuzz: Hunting Java Deserialization Gadget Chains via Structure-Aware Directed Greybox Fuzzing


Taught by

Black Hat

Related Courses

Information Security - 5 - Secure Systems Engineering
Indian Institute of Technology Madras via Swayam Reverse Engineering and Exploit Development
Udemy Master the OWASP Top 10
LinkedIn Learning CASP+ Cert Prep: 2 Enterprise Security Architecture
LinkedIn Learning Learning the OWASP Top 10 (2018)
LinkedIn Learning