Dive into the world of vulnerability research

You’re curious, but taken aback by the cloud of terms to
memorize, processes to follow and names to know?
We’ve got you.


Understand the Basics:

  • Is there a “hacker mindset”?
  • Who looks for vulnerabilities, and why?
  • How do we measure how “bad” a vulnerability is?
  • What hoops and hurdles are there until a patch is finally issued?
  • In what ways can code become vulnerable?
  • What are these “Bluekeep” and “Spectre” you’ve heard of?
  • What is it like being a vulnerability researcher, and what lies in the future for this field?

Vulnerability by Year

Vulnerability by year

Vulnerability Research

Chapter Reading Time Key Terms
Introduction 3 min Be Excellent to Each Other!
What is ‘Hacking’ Anyway? 7 min Abstraction, ingenuity, supply & demand
Estimating Vuln Impact 4 min CVSS, vector, scope, remediation, …
Lifecycle of a Vuln 9 min Fuzzing, reversing, write-what-where, shellcode, mitigations, bypassses, disclosure
Why Code Becomes Vulnerable 12 min UAF, injection, forgery, overflow, …
Effects of Vulnerable Code 2 min Privilege escalation, information disclosure, arbitrary code execution, denial of service
Household Names Demystified 15 min Bluekeep, Curveball, Spectre, StageFright, …
Q&A with Sagi Tzadik 4 min SIGRed
The Long Game & Conclusion 4 min
Total 1 hr
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.