- This event has passed.
CAE Tech Talk: Symbolic Execution for the Win: Pwning CTFs with Angr
April 21 @ 2:00 pm - 2:50 pm
Mark your calendars and come join your friends in the CAE community for a Tech Talk. CAE Tech Talks are free and conducted live in real-time over the Internet so no travel is required. Capitol Technology University (CTU) hosts the presentations using Zoom which employs slides, VOIP, and chat for live interaction. Just log in as “Guest” and enjoy the presentation(s).
Below is a description of the presentations and logistics of attendance:
Topic: Symbolic Execution for the Win: Pwning CTFs with Angr
Time: 2:00pm – 2:50 pm EST / 11:00am – 11:50am PDT
Just log in as “Guest” and enter your name. No password required.
Presenter(s): Dr. Bryson Payne, University of North Georgia
Description: Cyber competitions and capture-the-flag (CTF) events are a valuable tool for motivating and engaging students and professionals in cybersecurity and cyber operations beyond traditional education and training. Reverse engineering and binary exploitation challenges are common components of online CTFs, but the tools, techniques and procedures for performing reverse engineering and binary exploitation have a steep learning curve and are not taught in many computer science, IT, and cybersecurity degree programs.
Angr is a Python framework for analyzing binaries across a number of platforms and architectures, originally developed as part of a DARPA Cyber Grand Challenge. It combines both static and dynamic, concrete and symbolic (or “concolic”) analysis to enable users to easily analyze how different inputs change the path of a program’s execution. For CTF exercises, angr allows competitors to quickly determine the correct input(s) that would satisfy a program’s constraints leading to a successful solution, thereby capturing the flag. This introductory presentation will demonstrate how angr can be used to solve CTF challenges (or find real-world vulnerabilities) in a fraction of the time required by debuggers, disassemblers, and decompilers alone.
CAE Tech Talks are recorded; view them here: https://www.caecommunity.org/resources/cae-tech-talk-resources
For questions on CAE Tech Talk, please send email to CAETechTalk@nsa.gov