Nullcon Berlin 2023 | Why I Write My Own Security Tooling & Why You Should Too! by James Forshaw
Abstract:
---------------
It's easy to be impatient when doing security research, you want bugs now! But where to start? Is there source code to review? Do you have binaries to disassemble? My opinion, start by writing some domain specific tooling. There are many advantages to writing your own tooling for a research project. It'll help you better understand the technologies you're investigating which in turn helps you find more interesting vulnerabilities.
In this presentation I'll discuss the many benefits of writing your own tooling even if it delays that first, amazing find. I'll show examples of tools I've written to aid in my Windows research career and take a peek at some bugs I wouldn't have found without them. Finally I'll make the case for why writing your own tools will make you a better researcher.
#securitytools #opensource #Infosec #NullconBerlin
------------------------------------------------------------------------------------------------------
Follow nullcon on Facebook: https://www.facebook.com/nullcon
Twitter: https://twitter.com/nullcon
LinkedIn: http://linkedin.com/company/nullcon/
Website: https://nullcon.net
Видео Nullcon Berlin 2023 | Why I Write My Own Security Tooling & Why You Should Too! by James Forshaw канала nullcon
---------------
It's easy to be impatient when doing security research, you want bugs now! But where to start? Is there source code to review? Do you have binaries to disassemble? My opinion, start by writing some domain specific tooling. There are many advantages to writing your own tooling for a research project. It'll help you better understand the technologies you're investigating which in turn helps you find more interesting vulnerabilities.
In this presentation I'll discuss the many benefits of writing your own tooling even if it delays that first, amazing find. I'll show examples of tools I've written to aid in my Windows research career and take a peek at some bugs I wouldn't have found without them. Finally I'll make the case for why writing your own tools will make you a better researcher.
#securitytools #opensource #Infosec #NullconBerlin
------------------------------------------------------------------------------------------------------
Follow nullcon on Facebook: https://www.facebook.com/nullcon
Twitter: https://twitter.com/nullcon
LinkedIn: http://linkedin.com/company/nullcon/
Website: https://nullcon.net
Видео Nullcon Berlin 2023 | Why I Write My Own Security Tooling & Why You Should Too! by James Forshaw канала nullcon
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![Tech Startups/Businesses and Infonomics | CXO Panel | Nullcon Security Conference March 2021](https://i.ytimg.com/vi/a9593s0TKLQ/default.jpg)
![Nullcon Berlin 2023 | Not So Famous Attack Vectors In The World Of Smart Contract Security!](https://i.ytimg.com/vi/C6A2kM1E3CM/default.jpg)
![Saikat Datta at NULLCON | #Nullcon2020 Diary](https://i.ytimg.com/vi/geqYJBdEWrg/default.jpg)
![AI vs. Pandemic by Sneha Banerjee | Winja Talks 2021](https://i.ytimg.com/vi/13N9YNjw5EQ/default.jpg)
![CXO Panel | Securing India The CERTIn Way | Nullcon Goa 2022](https://i.ytimg.com/vi/eMiS4bzq6lA/default.jpg)
![nullcon Goa 2017 - DevOpSec: Rapid Security In The AWS Cloud by Mikhail Advani and Rajesh Tamhane](https://i.ytimg.com/vi/8irWvs51sok/default.jpg)
![Nullcon Goa 2021 is back in Town](https://i.ytimg.com/vi/k00jPn8u1RY/default.jpg)
![Cloud Security Posture Management & Threat Protection | Suman & Sakaldeep | Nullcon Webinars 2022](https://i.ytimg.com/vi/7IvIR4pCakA/default.jpg)
![Nullcon Goa 2023 | Uncovering Azure's Silent Threats: A Journey Into Cloud Vulnerabilities by Nitesh](https://i.ytimg.com/vi/tv8tei97Sv8/default.jpg)
![Bhadra framework: Threat modeling for mobile communication systems by Sid Rao | Nullcon Webinar 2021](https://i.ytimg.com/vi/d6iDpHKvX2s/default.jpg)
![nullcon Goa 2014: Flowinspect A Network Inspection Tool by Ankur Tyagi @7h3rAm](https://i.ytimg.com/vi/E4YptOJzVXQ/default.jpg)
![nullcon Goa 2015: The NSA Playset RF Retroreflectors by Michael Ossmann](https://i.ytimg.com/vi/a4_PvN_A1ts/default.jpg)
![Reversing and De-Obfuscating Malware with Software Emulation | Nullcon Webinar 2022](https://i.ytimg.com/vi/-kLhxX-J7gE/default.jpg)
![nullcon Goa 2018 - Talk with Experts](https://i.ytimg.com/vi/6KJz50KImJw/default.jpg)
![macOS Security Features Bypasses by Example | Jonathan Bar Or (JBO) | Nullcon Webinars 2022](https://i.ytimg.com/vi/xolJTvB5hpA/default.jpg)
![nullcon Goa 2017 - CXO Panel 'Digital Warriors: India And The Future Of Conflict On The Internet'](https://i.ytimg.com/vi/JI5qzlyqIZI/default.jpg)
![What is Cyber Threat Intelligence | Rishika Desai | Winja Unplugged](https://i.ytimg.com/vi/6Xa-TlRCV3Y/default.jpg)
![Securing the Human Factor | CXO Panel Discussion | NULLCON Goa 2020](https://i.ytimg.com/vi/FDt7v0oMfd4/default.jpg)
![Taking the guess out of Glitching! | Adam Laurie | NULLCON Goa 2020](https://i.ytimg.com/vi/eOuUBPOSn0Y/default.jpg)
![A Kernel Hacker Meets Fuchsia OS | Alexander Popov | Nullcon Goa 2022](https://i.ytimg.com/vi/TZz-cbPp2uc/default.jpg)
![Threat Research & Fortnite Scams | Ben Herzberg | nullcon Interviews](https://i.ytimg.com/vi/YTt9rYfCyco/default.jpg)