Win the 0-Day Racing Game Against Botnet in Public Cloud
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a Black Hat conference talk detailing the automatic capture of 0-day attack payloads without prior vulnerability knowledge. Delve into real-world cases demonstrating model performance and 0-day monitoring results. Follow the speakers as they guide you through the ZeroDay Racing Game, monitoring pipeline, and problem-solving processes. Examine specific examples of payload matching, command ejection, file upload vulnerabilities, and directory traversal. Learn from a real Fortnite defense story, including the timeline of the Impulse Miner and implemented defense rules. Gain insights into monitoring methods for RCE Zero Day attacks and common digitalization vulnerabilities. This 23-minute presentation by Xiaokun Huang and Yue Xu offers valuable technical details for cybersecurity professionals and enthusiasts alike.
Syllabus
Introduction
Agenda
ZeroDay Racing Game
ZeroDay Monitoring Pipeline
ZeroDay Monitoring Problem 1
ZeroDay Monitoring Process
ZeroDay Example
Ingram Payload Matching
Command Ejection
File Upload
Directory Traversal
Real Fortnite Defense Story
Timeline of Impulse Miner
Defense Rules
Example
RCE Zero Day
Monitoring Method
Common digitalization vulnerabilities
Summary
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube