Lectures :: Exodus Intelligence

Innovation at Work

Our Research

We are frequently invited to present at security conferences,
universities and private events worldwide to share results of our research.

REQUEST LECTURE

past lectures

venue	speakers	title	year
Shmoocon	Loc Nguyen	Micronesia	2015
Abstract This talk proposes a bootkit solution to allow for discrete full-system monitoring and determination of insider-threat activity.
Fortinet GPC Cruise	Aaron Portnoy	Panel: Exodus and Fortiguard	2015
Abstract This panel was a discussion of Exodus' relationship with Fortinet and supplement the Fortiguard team output.
535th Worcester Economic Club Meeting	Aaron Portnoy	The Economics of Vulnerabilities	2014
Abstract This talk presents an overview of the history of vulnerability markets.
Summercon	Aaron Portnoy	Bypassing all of the things	2013
Abstract This presentation is intended to give the viewer insight into an approach to the vulnerability discovery and exploitation process.
CanSecWest	Peter Vreugdenhil	Adobe Sandbox: When the broker is broken	2013
Abstract A breakdown of the workings of the Adobe Reader sandbox, its strong points, weaknesses and escapes.

check out some

DECKS FROM PREVIOUS TALKS

2013
Bypassing all of the things

This presentation is intended to give the viewer insight into an approach to the vulnerability discovery and exploitation process.
2013
Adobe Sandbox: When the broker is broken

A breakdown of the workings of the Adobe Reader sandbox, its strong points, weaknessses and escapes
2012
Yo Dawg, I heard you like reversing

In this presentation a new tools is revealed that greatly increases a reverse engineer's efficiency.
2011
Black Box Auditing Adobe Shockwave

This talk will walk the audience through the Exodus' approach to reverse engineering Adobe Shockwave for the purposes of vulnerabilty discovery and analysis.
2010
NYU Poly Reverse Engineering Lecture 101

This lecture for a PhD course at NYU Poly covers introductory reverse engineering concepts and techniques.
2010
NYU Poly Reverse Engineering Lecture 102

This lecture for a PhD course at NYU Poly covers introductory reverse engineering concepts and techniques.
2009
Reversing Microsoft DirectShow

This presentation walks through the inner workings of Microsoft DirectShow and demonstrates zero-day vulnerabilities discovered within.
2008
Reverse Engineering Dynamic Languages: Python

This presentation dives into the internals of the Python programming language and introduces tools & methods a reverse engineer can employ.
2008
Reverse Engineer's Cookbook

This talk presents the foundation for a new, more analytical, approach to reverse engineering that influenced later tool development.
2008
Reverse Engineering Python Applications

This presentation dives into the internals of the Python programming language and introduces tools & methods a reverse engineer can employ.
2007
Fuzzing Sucks! Introducing Sulley Fuzzing Framework

In this talk, we present a new fuzzing framework called Sulley that was developed to discover more complex vulnerabilties in closed source applications.
2007
MSRPC Auditing Tools and Techniques

This presentation discusses a new tool, pymsrpc, intended to aid a vulnerability hunter with auditing Microsoft RPC services.

Innovation at Work

Our Research

past lectures

Abstract

Abstract

Abstract

Abstract

Abstract

Bypassing all of the things

Adobe Sandbox: When the broker is broken

Yo Dawg, I heard you like reversing

Black Box Auditing Adobe Shockwave

NYU Poly Reverse Engineering Lecture 101

NYU Poly Reverse Engineering Lecture 102

Reversing Microsoft DirectShow

Reverse Engineering Dynamic Languages: Python

Reverse Engineer's Cookbook

Reverse Engineering Python Applications

Fuzzing Sucks! Introducing Sulley Fuzzing Framework

MSRPC Auditing Tools and Techniques