Tips and Tricks for Security Researchers

Presented at Black Hat Europe 2017, Dec. 7, 2017, 2:55 p.m. (25 minutes)

This briefing will describe the process and methods used to analyse applications for unknown vulnerabilities. Those in attendance will gain insights in the complex analysis techniques for both open and closed source applications. Highlighting the various tools and techniques to identify potential inputs to applications and test those inputs for vulnerabilities. Demonstrations of static analysis and various tools, techniques and procedures for identifying and researching vulnerabilities which often go undetected by vulnerability scanners.

Presenters:

• Ryan Ackroyd - Cyber Security Trainer and Security Researcher, QA Ltd
  Ryan has a wealth of experience within the Cyber industry. Previously a known hacker Ryan has reformed and vowed to help secure, defend systems and share his knowledge through training. Ryan joined QA in 2016 as a Cyber Security Trainer and Security Researcher where he continues to educate customers and support in expanding QA's already comprehensive suite of Cyber courses.

Links:

• https://www.blackhat.com/eu-17/sponsored-sessions/schedule/#tips-and-tricks-for-security-researchers-9608

Similar Presentations:

• Black Hat USA 2011 / Sticking to the Facts: Scientific Study of Static Analysis Tools
• AppSec USA 2017 / A Static Tainting Analysis Method for Aspect-Oriented Programs
• ShmooCon I (2005) / Reverse Engineering for Fun and BoF It!