Finding The Bugs To Sploit
•
Odd crashes from input
•
Fuzzing input with AAAA’s, “%08x %s”, etc
•
Source code analysis
•
Reported bugs with no exploits
–
Great place to practice
–
Start with security advisories that give
technical details