
Black Hat USA 2009 Weekend Training Session

July 25-26

Finding Security Bugs in Closed-source Software: Beginner

Halvar Flake



Due to the ever-expanding nature of the topic, and to balance skill levels in the class better, the course has been split into two halves. This is the first half, which is intended for people with less than 2 years' experience in this field.

In recent years, a large proportion of the focus in security research has been on the analysis of programs in order to find memory-corruption vulnerabilities. Due to the nature of the C language, it is particularly easy for developers to create buggy applications. C and, by extension, C++ suffer from a plethora of subtle pitfalls that have contributed to the proliferation of security-critical bugs in software.

The course assumes the following:

  • You know C and some C++
  • You know the important bits of the Intel x86 instruction set, enough to read simple code snippets
  • You have a decent idea of the 'basics', e.g. you understand simple buffer overflows and simple exploitation methods
  • You do not have extensive experience in using IDA Pro

The course will cover the following:

  • Security defects – from the boring historical examples to nontrivial semantic issues, from buffer overflows via integer issues to complicated object-lifetime issues
  • Methodologies for source code review
  • Introduction to binary review: What changes, what stays the same?
  • Using IDA Pro and other tools for bug hunting
  • Reading & understanding disassemblies in order to find security defects

The course will spend approximately one day on source code and one day on binary review.


Halvar Flake

Founder, Zynamics

Halvar Flake is Zynamics' founder. Originating in the fields of copy protection and digital rights management, he gravitated more and more towards network security over time as he realized that constructive copy protection is more or less fighting windmills. After writing his first few exploits he was hooked and realized that reverse engineering experience is a very handy asset when dealing with COTS software. With extensive experience in reverse engineering, network security, penetration testing and exploit development, he recently joined Black Hat as their main reverse engineer.


Super Early:
Ends Mar 15
Ends May 1

Ends Jul 1

Ends Jul 22






