Program Analysis for Vulnerability Research

This four-day course trains students to do sophisticated program analysis using Binary Ninja and the Binary Ninja Python API for the purpose of vulnerability research with the goal of improving auditing processes, improving ability to identify interesting code paths, and encoding bug primitives.

In the class, students will learn Binary Ninja inside and out by extending its analysis capabilities to support a custom architecture which is difficult to analyze manually. Students will also leverage the Binary Ninja plugin architecture to identify vulnerabilities in a machine architecture independent way. After taking this course students will have experience working with the least intuitive and even some undocumented parts of Binary Ninja to create powerful program analysis tools which can be used across architectures.

Learning Objectives

  • Have a thorough grasp on the binary ninja python API
  • Familiarity with many program analysis concepts and common challenges
  • The ability to write sophisticated program analysis plugins unassisted

https://recon.cx/2020/montreal/traininganalysis.html

 

 

« Return to Events