[Owasp-ottawa] Vulnerability Hunting - June 16th - 6:00 PM @ Microsoft

Sherif Koussa sherif.koussa at owasp.org
Thu Jun 11 18:26:21 UTC 2015

*RSVP:* http://www.meetup.com/OWASP-Ottawa/events/219842736/

*Abstract*: We'll discuss a high level approach to vulnerability research
to find new vulnerabilities in products and its role in the development
process as well as high assurance Penetration Testing. We will quickly
dispense with the slide decks and dive into the demonstration of the
identification of vulnerabilities in a simple custom network service-based
application that will follow the process of

•  Input identification and input modeling
•  fuzzing the identified input points
•  identifying the problem,
•  reverse engineering the code to identify the root case
•  identify mitigation strategies
• assess exploitability

If there is time in the session we will also develop a simple exploit to
demonstrate the vulnerability and show some of the issues facing exploit
developers. This topic will be continued at our follow up OWASP talk in
September on Weaponing Exploits.

*Speaker*: Mike Sues

Sherif Koussa
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-ottawa/attachments/20150611/9e565cb8/attachment.html>

More information about the Owasp-ottawa mailing list