Black Hat Training Course: Binary Static Analysis: From the Inside-Out

Black Hat Digital Self Defense Europe 2006

Note: if the class is overfilled, then you will be contacted should this occur.

Black Hat Europe Training 2006
Grand Hotel Krasnapolsky • 28 February-1 March

Course Length: 2 days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered. You must provide your own laptop.

Cost:	Early Bird: before 1 February 2006	1500 EUR	1800 USD
Cost:	Regular: after 1 February 2006	1665 EUR	2000 USD

CLOSED: this class has been canceled. The next show this session will be offered at is at USA 2006

Two Day Course

28 February - 1 March

Binary Static Analysis: From the Inside-Out

Matt Hargett

What to bring:
Students must bring their own laptop with mono 1.1.10 (http://www.mono-project.com) installed on their windows or Linux machines for the coding aspect of the class if they want to participate. Participation in coding is not required.

Static analysis of code is a hot topic right now, but how does it work? how does it not work? how does one evaluate a static analysis tool for effectiveness? This course, taught by implementors of these technologies will introduce students to static analysis concepts and their application through lecture and programming exercises. Whether you are deeply technical and are interested in creating tools, or not as technical and want an advantage over vendors and consultants selling these capabilities, this class will give you what you need.

Prerequisites:
C/C++/C#/Java programming knowledge required; knowledge of one assembly language (x86, SPARC, Java, etc) recommended but not required. Familiarity with compiler design concepts a plus.

The student should have an understanding of most of the following concepts and technologies:

reading any platform's assembly language
application security vulnerabilities (overflows, SQL Injection, etc)
insecure coding bugs that lead to vulnerabilities

Users should have mono 1.1.10 (http://www.mono-project.com) installed on their windows or Linux machines for the coding aspect of the class if they want to participate. Participation in coding is not required.

ISC²CISSP/SCCP CPE Credits
Students are eligible to receive 16 Continuing Professional Education (CPE) credits upon completion of class. Black Hat will automatically forward your information to ISC².

Course Length: 2 days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered. You must provide your own laptop.

Cost:	Early Bird: before 1 February 2006	1500 EUR	1800 USD
Cost:	Regular: after 1 February 2006	1665 EUR	2000 USD

CLOSED: this class has been canceled. The next show this session will be offered at is at USA 2006

Trainer:

Matt Hargett has over 8 years of experience in various aspects of network and application security, from managing product development to finding a broad range of exploitable bugs inoperating systems and applications. Most recently, he created the product BugScan which analyzed binaries for, and found several, novel exploitable security vulnerabilities. He is now working to educate security researchers and practitioners on applying public research and information toward building and evaluating static analysis tools and products.