Bug Hunting Bootcamp – Discovering 0day
The term zero day can be frightening to most in the IT and information security business, but for bug hunters it is just another bug where the vendor hasn’t been notified yet, or future rewards from bug bounty programs. This intense two day lab-based training course will teach you about approach, methodologies and the mindset to find these bugs, evaluate root cause, assess impact and write exploit to prove zero day vulnerabilities in software. The course will cover both
manual and automated vulnerability hunting in web applications, source code and compiled binaries. Additionally we will cover how to chain bugs together to achieve unauthenticated remote code execution, vendor notification, vulnerability disclosure and how to obtain a CVE.
The training prioritizes real world vulnerabilities across several platforms and programming languages.
Audience and prerequisites
The course is aimed at beginners and security professionals alike, a variety of targets to practice bug hunting skills on the participant can find something suitable for their skill level.
- Students are expected to be somewhat familiar with the Linux command line, as well as OWASP Top 10 & CWE-25.
- Basic scripting knowledge is recommended, but not required.
- Students must be able to run a VMWare virtual machine (VMWare Player or
Workstation) to complete this course.
Course duration, format and materials
- Students will take home the training slides and material as well as the
lab virtual machine.
- Upon completing this training, the student will have a good
understanding of how and where to look for security flaws in software,
using both automated and manual techniques.
- The student will also be able to write exploits for the common bug
classes covered by the training.
- A certificate of completion of the training course.
- Students need to bring their own laptop
Detailed training course agenda
- Bug hunting approaches and theory
- Choosing suitable targets
- Static and dynamic analysis
- Web application bugs and exploits
- Chaining bugs
- Binary bugs and exploits
- Dealing with disclosure