RE//verse Training - Program Analysis for Vulnerability Research with Kyle Martin and Ian Palleiko
Regular price
$4,800.00
Sale
Theory meets implementation in this course brought to you by Margin Research and Vector 35. This four-day course examines cutting-edge program analysis techniques and how they can be used to find bugs!
- TRAINING DATES: February 24 - February 27, 2025
- CONFERENCE DATES: February 28 - March 1, 2025
- LOCATION: Caribe Royale, Orlando, FL
- NOTE: Conference admission purchased separately. Conference tickets can be purchased here.
Uncover and improve on the logic behind compiler checks that have been finding errors in code for decades and implement them on binaries using Binary Ninja. Students will prototype binary analysis passes to find type confusion, buffer overflows, data-flow edge cases, and automate analysis at scale across hundreds of real world targets.
This thorough approach to binary analysis will leave students with a collection of scripts that can be applied across architectures to find real bugs, identify interesting code paths, and the ability to encode bug primitives both old and new! Plus, students will learn how to build a pipeline to discover those bugs automatically and integrate automated analysis into existing workflows, maximizing every advantage reverse engineering has to pioneer truly modern Program Analysis for Vulnerability Research.
Topics Covered
- Basic Usage of Binary Ninja, Design Philosophy, Core Architecture, API
- Normalization, IL Survey, BNIL
- Undecidability, Program Correctness, Correctness with pointers, Formal Methods, Useful Binary Ninja Features, Jump Tables, SSA
- PHI nodes, Dominance Frontiers, and Data Sensitive Analysis
- Type Analysis, Constraint Solving, and Records, Lattice Theory, Sign Analysis, and Abstract Interpretation
- Constant Propagation, Fixed-Point Algorithms, Abusing Optimizations, and Flow-Sensitive Type Analysis
- Pointer Analysis, Abstract Interpretation, Interprocedural Analysis, Batch processing with Binary Ninja
- Pointers and Heap analysis
Learning Objectives
- Familiarity with many program analysis concepts and common challenges
- The ability to write sophisticated program analysis scripts and plugins unassisted
- An understanding of vulnerability primitives and methods of discovery
- The ability to model vulnerability primitives for automated discovery using Binary Ninja's Python API
Requirements
- Familiarity with basic vulnerability classes such as stack-based buffer overflows, type confusion, sign extension vulnerabilities, etc
- Intermediate Python experience highly recommended
- A workstation or laptop that can run Binary Ninja (license included with the course)
- (Optional) Students may wish to have a virtual machine running Ubuntu 24.04 or a OS which can run Binary Ninja and our provided exercise binaries
Trainers
Ian Palleiko (@palleiko) is a senior security researcher at Margin Research. With over 10 years of experience in reverse engineering, malware analysis, vulnerability research, and program analysis tooling development, he currently specializes in binary analysis tooling and high performance emulation development.
Palleiko has presented his research on reverse engineering, malware analysis, and botnet busting at various security conferences in America and Europe. He has led private and public training sessions on topics in program analysis through Margin Research. Outside of his research, Palleiko enjoys tinkering with synthesizers and cars, food science, and riding motorcycles.
Kyle Martin (@elykdeer) is a cybersecurity software engineer and educator, focused on making all things "binary" easier to understand. Kyle has over 10 years of teaching and presenting experience, going all the way back to when he was the head counselor at a computer camp, rewriting their C++ and x86 assembly courses at just 15 years old. Since then, he’s been involved in organizing highly-specialized cybersecurity events around the world, spanning concepts such as reverse engineering, incident response, vulnerability research, malware analysis, capture the flag, offensive security, and cutting-edge program analysis. Kyle brings with him the expertise and support of the entire Vector 35 team, creators of Binary Ninja.