Black Hat Europe Training 2007
Moevenpick Hotel Amsterdam City Centre, the Netherlands • 27-28 March 2007

Overview:
Whether you are an exploit coder by night for fun or a security consultant by day for profit (or both), this class will teach techniques to automate and streamline many of the tedious tasks encountered in the process finding exploits. From breaking down the process of where to start and where time is spent, to automating common up-front tasks and using analysis tools to make effective use of time, this class is both comprehensive and hard-core enough for both novices and experts. Exercises will uncover several previously known and novel real-world vulnerabilities that will be dissected and found using the techniques and tools described. Students will have a solid foundation for both using existing tools as well as creating their own automated tools.

Day One: Optimizing exploit discovery with best practices and free tools
The first day will discuss the process applied to discovering several novel security vulnerabilities, then will reflect on where tools and best practice techniques can be used to arrive at the exploits more quickly.

Matt Hargett has over 8 years of experience in various aspects of network and application security, from managing product development to finding a broad range of exploitable bugs inoperating systems and applications. Most recently, he created the product BugScan which analyzed binaries for, and found several, novel exploitable security vulnerabilities. He is now working to educate security researchers and practitioners on applying public research and information toward building and evaluating static analysis tools and products.

Luis Miras is the lead vulnerability researcher at Intrusion Inc. He has done work for leading consulting firms. and Network Associates. He released the first public polymorphic shellcode at Defcon 8 and has also spoken at Toorcon 7 as well as the CCC Congress (17c3) in Berlin. In the past he has worked in digital design, and embedded programming.