Customizable Static Vulnerability Discovery Using angr's Lesser Known Capabilities

"One of the most badass skills a hacker can possess is the ability to find and pwn vulnerabilities in binary software. Built using cutting-edge techniques, angr enables analysts to swiftly carry out advanced reasoning over software to understand complex code and find the juicy hidden vulnerabilities within. We designed this four-day course focusing on new, advanced static analysis techniques that angr offers under the context of scalable, semi-automated vulnerability discovery and verification. This course is extremely practical and hands-on: Besides a 16-hour lecture, core angr developers will guide students to solve over ten specially crafted problems with angr, in an online environment. This course will focus on Linux/Windows userspace binaries and services in embedded firmware. After completing this course, students will master static analysis skills using angr that will help them assess user-space binary programs for defects and vulnerabilities, and verifying many of these vulnerabilities."