Our ‘Advanced C/C++ Source Code Analysis’ training course is designed for organizations who want to educate their staff on how to find exploitable vulnerabilities by manually auditing the source of large and complex programs. This course does not cover introductory buffer overflows on example code, instead students will focus on real world web browser and common library vulnerabilities. The course covers topics such as use-after-free, type confusion and more. The introductory material covers how to identify vulnerable code patterns and conceptualize what the process would look like at runtime. Students will learn the wrong way to use WebKit’s RefPtr and Microsoft’s VARIANT structure, and not study the same old strcpy pattern from a decade ago. This course is unique because it will not only teach you techniques to find new vulnerabilities, but also analyze code for exploitation primitives that can be leveraged for target specific exploitation. This course is completely up to date with the latest in memory corruption research. There is no other training offered like this anywhere else. We are confident students will finish the course with a different perspective on how to discover new zero day vulnerabilities through manual source code auditing. As always, this course has been updated for the Seattle training event!
There are a couple of 'source code analysis' trainings available on the market but all of them are either developer oriented or fit the topic into just a few hours as part of a larger course offering and thus only cover introductory material. For these reasons our competitors courses simply do not reach the level of technical depth ours does. Our course is two full days of in-depth C/C++ source code analysis on large and complex programs to find exploitable bug classes such as use-after-free and type confusion. Furthermore, we discuss auditing source code for exploitation primitives which no other courses provide. Since this course is targeted at primarily offense-driven security people that makes Black Hat the ideal market place for it, as opposed to events that offer only defense and certificate driven courses.
Penetration testers and security consultants, vulnerability researchers, offense driven security staff, application developers, anyone interested in what modern code execution vulnerabilities look like
A laptop with their preferred code IDE installed
Chris Rohlf - Prior to founding Leaf SR (http://leafsr.com), Chris was a principal security consultant at Matasano Security in NYC. He has spent the last 10 years as a security researcher, consultant, developer and engineer for organizations including the US Department of Defense. Chris is also a member of the Black Hat Review Board. He has spoken at industry conferences including Black Hat Vegas 2009/2011 and 2012, guest lectured at NYU Poly in Brooklyn NY, has been published in IEEE Security and Privacy magazine and is occasionally quoted by various media outlets. He has discovered critical security vulnerabilities in every major web browser, operating systems and more.