Fish Wang & Audrey Dutcher - Customizable Binary Analysis: Using angr to its full potential

  • number6
    Start time updated from 9am to 8am.

  • Fish Wang & Audrey Dutcher - Customizable Binary Analysis: Using angr to its full potential

    Latest details, requirements, description, cost:

    Training description:

    One of the most badass skills a hacker can possess is the ability to find and pwn vulnerabilities in binary software. This is enabled by a long history of complex tools: OllyDBG, SoftICE, IDA Pro, Binary Ninja, and now: angr. Built using cutting-edge techniques straight out of research labs around the world, angr enables analysts to swiftly carry out advanced reasoning over software to understand complex code and find the juicy hidden vulnerabilities within. While angr is arguably one of the most user-friendly binary analysis frameworks available on the market, it is never an easy task to use it to its full potential, especially when facing less common architectures (such as PowerPC), niche operating environments (bare-metal binaries or embedded architectures), or unique tasks (e.g., binary code optimization, exploit generation, efficient vulnerability discovery, etc.). To assist users, especially medium-level and professional reverse engineers, to effectively and efficiently use angr in their daily work, we designed this two-day course focusing on the use of non-trivial capabilities that angr offers, as well as customizing angr’s advanced analyses for users’ needs. This course is extremely practical and hands-on: besides a five-hour lecture, core angr developers will guide students to solve over ten specially crafted problems with angr. This course will focus on Linux userspace binaries (x86-64 and ARM), Windows userspace binaries (x86-64), and firmware images (ARM). After completing this course, students will master practical angr skills that will help them reverse engineer userspace binary programs and assess them for defects and vulnerabilities.

    Student skill level:


    - Have knowledge of reverse engineering embedded systems/software.
    - Know and understand common types of software defects, including memory corruption, command injection, etc., and vulnerabilities caused by these types of defects.
    - Be able to use Linux and command line tools on Linux.
    - Be able to read x86-64 assembly. Optionally, be able to read ARM assembly.
    - Achieve proficiency in Python 3.

    We would recommend a knowledge of x86 assembly and basic reverse engineering skills (think, 100-point binary reversing in CTF). We would also recommend students to familiarize themselves with Python 3 programming. Finally, we would recommend students to obtain some basic understanding of angr from reading online materials or working on angr-CTF on GitHub. Note that this is not an entry-level binary reverse engineering course. We do not recommend this course to students who have never attempted binary reverse engineering in the past.

    What should students bring to the Training?:

    - Laptop with a web browser. We will provide the rest.

    For students who prefer a native install of all tools, we would recommend students to use Ubuntu >= 18.04 either natively or in a VM. Optionally, students may work on Windows or macOS, but most of our challenge binaries will be for Linux only.


    Fish Wang is an Assistant Professor at Arizona State University. He is extremely interested in demystifying all sorts of binary code, and his main research interests are software vulnerability discovery, automated exploit generation, and binary decompilation. Fish is a co-founder and a core maintainer of angr.

    Yan: Yan Shoshitaishvili is an Assistant Professor at Arizona State University, where he pursues parallel passions of cybersecurity research, real-world impact, and education. His research focuses on automated program analysis and vulnerability detection techniques. Aside from publishing dozens of research papers in top academic venues, Yan led Shellphish’s participation in the DARPA Cyber Grand Challenge, achieving the creation of a fully autonomous hacking system that won third place in the competition. Underpinning much of his research is angr, the open-source program analysis framework created by Yan and his collaborators. This framework has powered hundreds of research papers, helped find thousands of security bugs, and continues to be used in research labs and companies around the world. When he is not doing research, Yan participates in the enthusiast and educational cybersecurity communities. He is a Captain Emeritus of Shellphish, one of the oldest ethical hacking groups in the world, and a founder of the Order of the Overflow, with whom he ran DEF CON CTF, the “world championship” of cybersecurity competitions, from 2018 through 2021. Now, he helps demystify the hacking scene as a co-host of the CTF RadiOOO podcast and forge connections between the government and the hacking community through his participation on CISA’s Technical Advisory Council. In order to inspire students to pursue cybersecurity (and, ultimately, compete at DEF CON!), Yan created, an open practice-makes-perfect learning platform that is revolutionizing cybersecurity education for aspiring hackers around the world.

    Matt: Matt is passionate about building intuitive systems to solve real problems. He is an Arizona State University alum, with a history in low-level system software/firmware development, program analysis, full-system emulation, graphics, audio, networking, and beyond. Matt contributes both professionally and as a personal interest to multiple open source projects, and is driven to deliver solutions to advance the state of the art in program analysis.

    Audrey: Audrey is a PhD student at Arizona State University. She loves reverse engineering, fruit, Celeste (2018), Python, Rust, and symbolic execution.

    Trainer(s) social media links:
    Fish: @ltfish_
    Yan: @zardus
    Matt: @MattBorgerson
    Audrey: @rhelmot

    DATE: Aug 15th to 16th 2022
    TIME: 8am to 5pm PDT
    VENUE: Caesars Forum Ballroom
    TRAINERS: Fish Wang & Audrey Dutcher

    CERTIFICATE TEST AVAILABLE (after class) Please purchase Certificate test

    - 16 hours of training with a certificate of completion for some classes
    - COVID safety: Masks required for indoor training
    - Note: Classes that do not meet their minimum class size by July 15 will be canceled, please register early
    - Note: Food is NOT included
    Last edited by number6; August 14, 2022, 21:11.