YoVDO

Win the 0-Day Racing Game Against Botnet in Public Cloud

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Directory Traversal Courses

Course Description

Overview

Explore a Black Hat conference talk detailing the automatic capture of 0-day attack payloads without prior vulnerability knowledge. Delve into real-world cases demonstrating model performance and 0-day monitoring results. Follow the speakers as they guide you through the ZeroDay Racing Game, monitoring pipeline, and problem-solving processes. Examine specific examples of payload matching, command ejection, file upload vulnerabilities, and directory traversal. Learn from a real Fortnite defense story, including the timeline of the Impulse Miner and implemented defense rules. Gain insights into monitoring methods for RCE Zero Day attacks and common digitalization vulnerabilities. This 23-minute presentation by Xiaokun Huang and Yue Xu offers valuable technical details for cybersecurity professionals and enthusiasts alike.

Syllabus

Introduction
Agenda
ZeroDay Racing Game
ZeroDay Monitoring Pipeline
ZeroDay Monitoring Problem 1
ZeroDay Monitoring Process
ZeroDay Example
Ingram Payload Matching
Command Ejection
File Upload
Directory Traversal
Real Fortnite Defense Story
Timeline of Impulse Miner
Defense Rules
Example
RCE Zero Day
Monitoring Method
Common digitalization vulnerabilities
Summary


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube
Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube
AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube
Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube
Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube