The Skinny Research and Development Zero Day Fundamentals (ZDF) class uncovers the secrets and techniques of locating and exploiting unknown cyber security flaws referred to as ‘Zero-Day’ vulnerabilities. This hands-on class will instruct students on how to detect both common and exotic security bugs using popular open source tools on a large scale.
Zero-day exploits are discovered by security researchers, nation-states, cyber defense professionals, and hacktivist groups worldwide to infiltrate computer systems, networks, critical infrastructure, and Internet of Things (IoT) devices. As technology advances, cybercrime continues to spread into every global industry. This makes the race to find Zero-Day vulnerabilities crucial to the success of any organization.
Students will be armed with the technical and procedural skills required to perform quality Zero-Day research focused on finding new flaws in software and firmware that have not yet been identified. By finding flaws in computer systems before cybercriminals, each organization can ensure all products and services maintain a high level of integrity and security.
Students will receive:
|Prebuilt Fuzzing Workstation
Keyboard and Mouse
Course Virtual Machines
Course Pentesting Tools and Scripts
|Day 1||Day 2||Day 3||Day 4||Day 5|
Null Pointer Dereferences
Bypassing DEP and ASLR
U-A-F and DF Vulnerabilities
|Manual vs Automated Fuzzing
Intro at AFL++
Fuzzing File Parsers
Fuzzing Program Inputs
Discovering Known CVEs and AFL++
|OWASP Top Ten Review
|XSS Zero-Day Vulnerabilities
Open Redirect Zero-Day Vulnerabilities
Intro to Boofuzz
Fuzzing Network Services
|Reviewing of Fuzzing Techniques
Capture the Flag