BlueHat 2023: Why I Write My Own Security Tooling with James Forshaw

It's easy to be impatient when doing security research, you want bugs now! But where to start? Is there source code to review? Do you have binaries to disassemble? James Forshaw suggests you should start by writing some domain specific tooling. There are many advantages to writing your own tooling for a research project. For example, it'll help you better understand the technologies you're investigating which in turn helps you find more interesting vulnerabilities.

In this talk, James discusses the many benefits of writing your own tooling even if it delays that first, amazing find. He’ll show examples of tools he’s written to aid in his Windows research career and take a peek at some bugs he wouldn't have found without them. Finally, James makes the case for why writing your own tools will make you a better researcher.

About James Forshaw:
James is a security researcher in Google’s Project Zero. He has been involved with computer hardware and software security for over 10 years looking at a range of different platforms and applications. With a great interest in logical vulnerabilities he’s been listed as the #1 researcher for MSRC, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate. He’s also the author of the book “Attacking Network Protocols” available from NoStarch Press.