Black Hat USA 2007 Briefings and Training
Caesars Palace, Las Vegas • July 28-29 (Weekend) & July 30-31 (Weekday)

Overview:
This class will give attendees the knowledge to evaluate, tune, and effectively use code analysis and security testing tools, as well as using said tools to automate and streamline many of the tedious tasks encountered in the process finding novel exploitable bugs in real-world software. While there is a focus on free, open-source tools, everything learned can be (and has been) applied to commercial tool offerings as well.

This class is both comprehensive and hard-core enough for both novices and experts. Labs and lecture will give students a solid foundation for evaluating, tuning, and extending existing tools as well as creating their own automated tools. Anyone evaluating, developing, testing, using, or curious about code analysis or security testing tools should attend.

What you will learn:
Two expert, veteran presenters will show how and why to attack software from both blackbox (network) and whitebox (code analysis) perspectives to find real-world exploitable bugs. When to optimally apply either approach, based upon pros and cons in finding real-world bugs for which the presenters have published advisories, will be explored. The presenters then discuss the concepts behind automating blackbox and whitebox testing techniques, where the concepts work (and don't work), and the effective use of tools that implement those concepts. Finding exploitable buffer overflows and SQL Injection exploits in real-world applications will be covered.

We will be premiering a new open-source tool for fuzzing AJAX requests to find both application-level bugs and AJAX parser-level bugs. We will also be showing new features of the open-source binary code analyzer, bugreport. Other tools covered include findbugs for Java binaries, and PC-Lint for C/C++ source code.

Prerequisites:
Knowledge of a C-like programming language (C, C++, C#, or Java) is required. Knowledge of an assembly language is helpful but not required.

Students' laptop(s) should also be able to copy files from a USB storage device.

No commercial or closed-source tools are required for participation in labs.

Matt Hargett and Luis Miras have over 20 years of combined experience in various aspects of network and application security, from managing product development to publishing advisories for a broad range of exploitable bugs in operating systems, applications, and embedded devices.

Matt Hargett has contributed to several popular magazines and books, most recently including Pragmatic Unit Testing in C# 2nd edition. Matt also contributes to open source projects such as bugreport, findbugs, and others, on a regular basis. He has developed several security testing products over the last 5 years which analyzed binaries for, and found several, novel exploitable security vulnerabilities. He is still actively consulted by press and analysts on the security testing market. He lives in Mountain View, California with his husband and their dog where he writes songs and does eXtreme Programming coaching.

Luis Miras is the lead vulnerability researcher at Intrusion Inc. He has done work for leading consulting firms, and most recently has done work for Chumby. His interests include vulnerability research, binary analysis, and hardware/software reversing. In the past he has worked in digital design, and embedded programming. He has presented at CanSecWest, CCC Congress, REcon, Defcon, and other conferences world-wide. When he isn't head down in IDA or a circuit board, you will likely find him boarding down some sweet powder.