The Skinny Research and Development Zero Day Fundamentals (ZDF) class uncovers the secrets and techniques of locating and exploiting unknown cyber security flaws referred to as ‘Zero-Day’ vulnerabilities. This hands-on class will instruct students on how to detect both common and exotic security bugs using popular open source tools on a large scale.
Zero-day exploits are discovered by security researchers, nation-states, cyber defense professionals, and hacktivist groups worldwide to infiltrate computer systems, networks, critical infrastructure, and Internet of Things (IoT) devices. As technology advances, cybercrime continues to spread into every global industry. This makes the race to find Zero-Day vulnerabilities crucial to the success of any organization.
Students will be armed with the technical and procedural skills required to perform quality Zero-Day research focused on finding new flaws in software and firmware that have not yet been identified. By finding flaws in computer systems before cybercriminals, each organization can ensure all products and services maintain a high level of integrity and security.
Students will receive:
| Prebuilt Fuzzing Workstation
Keyboard and Mouse Portable Display |
Backpack
Course Virtual Machines Course Pentesting Tools and Scripts |
| Day 1 | Day 2 | Day 3 | Day 4 | Day 5 |
| C/C++ Review
Discovering Overflows Null Pointer Dereferences Bypassing DEP and ASLR U-A-F and DF Vulnerabilities |
Manual vs Automated Fuzzing
Intro at AFL++ Fuzzing File Parsers Fuzzing Program Inputs Discovering Known CVEs and AFL++ |
OWASP Top Ten Review
Zero-Day Vulnerabilities:
|
XSS Zero-Day Vulnerabilities
Open Redirect Zero-Day Vulnerabilities Intro to Boofuzz Fuzzing Network Services |
Reviewing of Fuzzing Techniques
Capture the Flag |
