Vulnerability Research & Fuzzing
A complete introduction to finding 0-days on Windows, covering static & dynamic manual approaches alongside state-of-the-art snapshot fuzzing techniques with multiple walkthroughs of real live 0-days.
Important Information
Initial Theory
Winafl Challenge
Winafl Solution
Initial Theory Pt.2
Importance of Coverage
Experience Survey
Real-target fuzzing (+ Snapshot Fuzzing) Theory
Real Target Fuzzing pt1
Initial Harness
Real Target Fuzzing pt2
Real Target Fuzzing pt3
Real Target Fuzzing pt4
Real Target Fuzzing pt5
Real Target Fuzzing pt6
Real Target -- Snapshot Fuzzing (Harness Setup)
FileHook_SHMEM Files
Real Target -- Snapshot Fuzzing (what-the-fuzz pt.1)
Real Target -- Snapshot Fuzzing (targets folder for what-the-fuzz)
Real Target -- Snapshot Fuzzing (what-the-fuzz pt.2)
Real Target -- Snapshot Fuzzing (what-the-fuzz pt.3)
Experience Survey Day (Two + Three)
Logic Vulnerabilities (+ Live Examples)
Misc Tooling
Driver Target Challenge
Identifying the Issue (Trend Micro Driver)
Solution (Driver Target Challenge)
IOCTLDump Github
Driver Hooking + 0day (Logic) Challenge
Chef + Salt
Additional content survey
Continually updated over time to reflect state-of-the-art Windows 0-day hunting techniques
You may be eligible for course discounts!