James Forshaw on Writing Your Own Tools

James Forshaw, a security researcher at Google's Project Zero, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. James has been involved with computer hardware and software security for over ten years and has been listed as the number one researcher for MSRC, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. James is also the author of the book "Attacking Network Protocols" which is available from NoStarch Press. James discusses going after logic-based bugs, his time at BlueHat 2023, and how creativity and intuition help him while hunting for new bugs.   

In This Episode You Will Learn:    

• Values and benefits of writing your own tooling 
• Why James decided on a high-level, call-to-action presentation for BlueHat 2023 
• The inspiration behind his new book “Attacking Network Protocols” 

Some Questions We Ask:    

• Is there a sequence of events you follow when hunting for a logic vulnerability? 
• When should someone consider writing their own tools? 
• What advantages come to mind when writing your tooling for a new project? 

Resources:   

Watch James Forshaw at BlueHat 2023 

View James Forshaw on LinkedIn 

View Nic Fillingham on LinkedIn 

View Wendy Zenone on LinkedIn 

Send us feedback: [email protected]

Follow us on Twitter: @MSFTBlueHat

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Hosted on Acast. See acast.com/privacy for more information.