Trainings
Trainings provided at various conferences (current and past ones).
Reversing Cryptography in Black Box Binaries
Dahmun Goudarzi, Robin David
Cryptography is a key component in the development of any product involving sensitive data. Analysing it at binary level is usually a tedious task. To do so, one should first locate the cryptographic blocks, identify whether they come from standard algorithms or custom ones, and finally assess their security. Even after a complete cartography and understanding of the binary, it remains challenging to properly assess whether and how the cryptographic blocks are flawed. Cryptography is often seen as a field restricted to highly qualified people with a strong math background. The goal of this training is to demystify this field by giving attendees the knowledge and toolkit to ease the cryptanalysis of primitives in binary files (namely the identification and assessment of their robustness), and to show how to perform such cryptanalysis with some tools that we created. The various sections and topics will always be accompanied by hands-on exercises taken from real-world binaries encountered in our assessments. While many topics will be covered to share as many insights as possible, the main goal is to provide the material and skills for any attendee to understand how to tackle cryptography found at binary level in order to give enlightened advice on its soundness and robustness.
Duration: 4 days
Target audience: Practitioners assessing or encountering cryptographic implementations and protocols while reverse engineering at binary level.
Upcoming sessions
No upcoming session
Past sessions
Hands On Binary Fuzzing and Reverse Engineering
Robin David
Fuzzing as a methodology has been an area of interest for generations of security researchers and has proved to be a very effective way to find vulnerabilities. Today it is broadly used in initiatives like OSS-Fuzz or syzbot, helping open-source projects detect bugs early on. However, when it comes to auditing closed-source binaries, things are less straightforward. They are interesting targets, widely spread across operating systems, smartphones, etc. Fortunately, wisely combining public research projects and homemade tools makes it possible to achieve efficient, close to source-level performance. We used to say “There's nothing like a custom fuzzer for a target”. As such, this training aims at providing trainees with the concepts, methods and building blocks to create proper harnesses and fuzzers to deal with real-life software. Through the use of LIEF, QBDI, HF/QBDI, Triton and TritonDSE, the training aims at explaining how one can achieve efficient fuzzing on closed-source targets. Fuzzing research covers a wide range of targets, notably including kernel or browser fuzzing. Covering these targets would require a whole training for each of them. Thus, this session focuses on standard userland Linux-based binaries.
Duration: 4 days
Target audience: Reverse engineers, software auditors/testers or any security researcher willing to understand the core concepts of binary fuzzing and apply them to any software.
Upcoming sessions
No upcoming session
Past sessions
Practical IDA Pro Python Scripting
Robin David
IDA Pro is one of the most used disassemblers and reverse-engineering tools. While it is now challenged by competitors, it is still one of the fastest and most accurate, and its Python API is largely underrated. This training aims at demystifying the Python API, giving trainees the keys to automate their reversing tasks and subsequently improve their reversing efficiency. This course will provide a quick walkthrough of IDA's interface functionalities and then shift to their counterparts in the Python API. It will cover the most useful static and dynamic API capabilities through many practical hands-on exercises. At the end of the training, one shall be able to perform any static task in a given binary, from searching for particular code constructs to automatically applying types or scripting a debugging session end to end. Trainees will be able to start writing plugins for their own purposes autonomously.
Duration: 2 days
Target audience: Reverse engineers, or any security researcher willing to level up in IDA Pro scripting and to leverage all the functionalities provided by IDA to make their life easier during reversing.
Upcoming sessions
No upcoming session