Vulnerability Research Courses and Certifications

OffensiveCon

Changing and Unchanged Things in Vulnerability Research

Explore vulnerability research evolution, from buffer overflows to advanced fuzzing and exploit mitigations. Analyze case studies and future trends in offensive and defensive security strategies.

• YouTube
• 58 minutes
• On-Demand
• Free Video

Microsoft Vulnerability Research: How to Be a Finder as a Vendor - Notacon 11

Explore Microsoft's approach to vulnerability research, focusing on third-party findings, reporting processes, and lessons learned from case studies. Gain insights into effective vulnerability management.

• YouTube
• 33 minutes
• On-Demand
• Free Video

OWASP Foundation

From Theory to Practice - Navigating the Challenges of Vulnerability Research

Explore practical challenges and strategies in vulnerability research, enhancing your skills to identify and mitigate security weaknesses in software systems.

• YouTube
• 47 minutes
• On-Demand
• Free Video

OffensiveCon

No Signal, No Security: Dynamic Baseband Vulnerability Research

Explore dynamic baseband vulnerability research in mobile networks, uncovering security implications when signals are compromised.

• YouTube
• 32 minutes
• On-Demand
• Free Video

DEFCONConference

Retro Exploitation - Vintage Computing as a Vulnerability Research Playground

Explore vulnerability research and exploit development through vintage computing, focusing on the Commodore Amiga platform and practical demonstrations of retro software exploitation techniques.

• YouTube
• 44 minutes
• On-Demand
• Free Video

Empirical Exploitation in Cybersecurity - HD Moore

Explore empirical exploitation techniques with HD Moore, delving into cutting-edge cybersecurity research and practical applications for identifying vulnerabilities.

• YouTube
• 45 minutes
• On-Demand
• Free Video

Bugcrowd

8 Ways to Almost Never Get a Dupe Again in Bug Bounty Hunting

Discover strategies to minimize duplicate bug reports in bug bounty hunting, including developing expertise, exploring unique targets, and leveraging personal strengths.

• YouTube
• 56 minutes
• On-Demand
• Free Video

Fuzzing_in - Hardik Shah

The Hunt for CVE-2023-0286 - Replicating OpenSSL's Latest Vulnerability

Replicate CVE-2023-0286 in OpenSSL, learn to write a libfuzzer harness, and explore vulnerability research techniques for enhanced security awareness and threat prevention.

• YouTube
• 31 minutes
• On-Demand
• Free Video

OffensiveCon

Blasting Past WebP - Exploring Image Format Vulnerabilities

Explore advanced techniques for bypassing WebP image format security measures, uncovering vulnerabilities and potential exploits in web applications.

• YouTube
• 43 minutes
• On-Demand
• Free Video

OffensiveCon

Unearthing Vulnerabilities in the Apple Ecosystem - The Art of KidFuzzerV2.0

Explore Apple's kernel vulnerabilities, attack surfaces, and mitigations. Learn advanced fuzzing techniques and root cause analysis for enhanced security understanding.

• YouTube
• 29 minutes
• On-Demand
• Free Video

OffensiveCon

Advancements in JavaScript Engine Fuzzing - OffensiveCon 2023

Explore advancements in JavaScript engine fuzzing, covering techniques like splicing, code coverage, and hybrid engines to enhance bug discovery and security testing.

• YouTube
• 23 minutes
• On-Demand
• Free Video

OffensiveCon

ASN.1 and Done: A Journey of Exploiting ASN.1 Parsers in the Baseband

Explore ASN.1 parser vulnerabilities in cellular baseband, uncovering security risks and exploitation techniques in mobile communication systems.

• YouTube
• 34 minutes
• On-Demand
• Free Video

OffensiveCon

The Print Spooler Bug that Wasn't in the Print Spooler

Explore a unique Windows vulnerability discovery, from initial bug report to full exploit chain, with insights on Microsoft's patch process and security implications.

• YouTube
• 42 minutes
• On-Demand
• Free Video

OffensiveCon

Hunting for Overlooked Cookies in Windows 11 KTM and Baking Exploits for Them

Dive into Windows 11 Kernel Transaction Manager vulnerability research, learning how to identify overlooked security issues and develop effective exploits for these "cookie" vulnerabilities.

• YouTube
• 52 minutes
• On-Demand
• Free Video

DEFCONConference

New Isn't Always Novel - Finding Basic Vulnerabilities in Enterprise Software

Discover how basic vulnerabilities in enterprise software led to a successful Pwn2Own contest entry, featuring a command injection exploit in Lexmark printers and practical security insights.

• YouTube
• 37 minutes
• On-Demand
• Free Video