Module: Automatic Vulnerability Discovery

This module explores the techniques available to us to discover vulnerabilities automatically!

Lectures

The lectures for this module are:

• Automatic Vulnerability Discovery: Introduction (slides here)
• Automatic Vulnerability Discovery: Static Analysis (slides here)
• Automatic Vulnerability Discovery: Fuzzing (slides here)
• Automatic Vulnerability Discovery: Dynamic Symbolic Execution (slides here)
• Automatic Vulnerability Discovery: The Cyber Grand Challenge (slides here)

Practice

• Challenges: babyauto

Again, you will practice on a set of generated challenges. There is a /flag file, and you get to choose one binary on which the SUID flag will be set.

Each program will require you to find bugs in a large number of programs automatically. If you are successful, it will let you read the /flag file.

If you are ready to tackle the challenges, go to https://cse466.pwn.college!