
Lightning fast CTF solving - Automatic Exploit Generation & Side Channel Analysis

BSides DC · 2018 · 47:43 · 1.3K views · Published 2018-11
Category: Technical
Style: Talk
About this talk
Solving CTFs the wrong way has never felt so good. Program analysis frameworks are hard, and Zeratool and PinCTF are no exception. I'm going to discuss the challenges that go into building a reliable framework for consistently solving reverse engineering and exploitable CTF problems. We'll talk about why so many reverse engineering problems are vulnerable to side channel analysis attacks and how you can reap all the points in your next CTF. Adding more computing resources to a program analysis framework won't guarantee that you find more bugs. I'm going to show you how these frameworks can be expanded beyond adding resources to solve real-world issues and how exploitable CTF problems don't model high impact vulnerabilities from a program analysis standpoint. We'll talk about what it looks like to expand these frameworks into vulnerability hunting and weaponizing machines!

Christopher Roberts (Cyber Scientist at Battelle Memorial Institute)

Christopher Roberts is a security researcher at Battelle Memorial Institute. He has extensive vulnerability research experience in embedded systems and program analysis frameworks. He is an active competitor and speaker at George Mason's MasonCC CTF club.