Windows Userland App Attack Surface Enumeration - Vuln Research Windows Userland App Attack Surface Enumeration - Vuln Research

Home  |  Resources  |  Security Research

Identifying a Userland Application’s Attack Surface on Windows

Robert Hawes

< Back to Blog Home

Upcoming Presentation at Wild West Hackin’ Fest:

Enumerating Userland Applications Attack Surface on Windows

VerSprite’s Security Research Consultant & VS-Labs Research Leader, Robert Hawes, will be presenting at the Wild West Hackin’ Fest. Robert’s presentation will cover how to perform attack surface enumeration concerning windows userland applications.

Inside the domain of vulnerability research, many different methodologies exist for how a researcher may start their journey with auditing an application. This presentation will provide information on how to enumerate the attack surface of userland applications that are deployed on the Windows operating system. The purpose of attack surface enumeration is to identify all paths where user-controlled data affects an application. Given that not every application is going to be the same, the attack surface is dependent on what functionality and technologies an application utilizes. Failure to perform proper enumeration can result in an incomplete map of the attack surface.

Robert Hawes, VerSprite Security’s VS-Labs Research Leader, enjoys all things in the area of vulnerability research and exploit development. Robert is passionate about discovering zero-day vulnerabilities and developing accompanying exploits for advance capabilities. Learn more about Wild Fest Hackin’ Fest →

We are an international squad of professionals working as one.