This 3 day course is structured to impart upon the students the skills necessary to effectively utilize debuggers, 
disassemblers, and other tools to discover vulnerabilities in binary code. The curriculum will begin by introducing 
students to the tools and generic techniques that will enable them to actively participate in reversing applications 
during the rest of the course.

After gaining a basic understanding of the tools involved, the instructors will spend day 2 walking students through 
case studies from patched vulnerabilities. That is, we will be choosing specific vulnerabilities and walking the 
students through the methodology used to verify them (debugging) and how the discoverer likely found them (fuzzing, 
static reverse engineering, dynamic instrumentation, etc). As each flaw is dissected, we will focus on how the 
student's arsenal of techniques can be extended to more easily debug applications and eventually discover similar 
bugs going forward.

On day 3 we will begin focusing on automating our tools to build a checklist that we can use to more efficiently 
reverse engineer a binary code base. We will walk through a complete audit of a default installation (latest 
version) of a popular enterprise server application culminating in the discovery of a remote pre-authentication 
0day vulnerability. Students will be required to sign a minimal NDA in order to participate in this portion of 
the training.