[Series] From Bug To Exploit — A New Series For Studying Critical Vulnerabilities

First Post:

Last Update:

Word Count:
358

Read Time:
2 min

Background

Through studying different wormable ransomware (e.g., WannaCry and NotPetya). I noticed a recurring pattern.

Both families implement their worming capability through exploits like EternalBlue. This led me to an important realization: my understanding of vulnerability exploitation is still limited compared to malware analysis itself.

To address this gap, I decided to start a new series — “From Bug To Exploit”.

Why?

Quote: Insanity is doing the same thing over and over again and expecting different results. — Albert Einstein (or Rita Mae Brown)

In my previous work, I focused heavily on analyzing RATs and ransomware. While valuable, this approach often leads to similar conclusions across different samples.

This series is an attempt to go one layer deeper — to understand how vulnerabilities are discovered, analyzed, and ultimately weaponized.

Instead of focusing only on malware, I will study critical vulnerabilities in history, ranging from MS08-067, MS17-010 (EternalBlue), to Heartbleed.

This is significantly more challenging, but also far more rewarding. By doing so, I aim to build a solid understanding of real-world exploitation techniques.

From Bug To Exploit

In this series, I plan to cover:

  • Background and environment setup (vulnerable systems, lab setup)
  • Core vulnerability concepts (e.g., Remote Code Execution, Privilege Escalation, Buffer Overflow)
  • Step-by-step vulnerability analysis using debuggers (e.g., Immunity Debugger, WinDbg)
  • Exploitation techniques and payload delivery

Ultimate Goals

  • Develop working Proof-of-Concept (PoC) exploits
  • Understand how real-world implants function (e.g., Meterpreter, DoublePulsar)
  • Bridge the gap between vulnerability research and malware analysis

Lastly

Before ending this article, I would like to share a thought beyond this series.

I believe that learning cybersecurity is gradually becoming more difficult. For instance, if someone wants to study buffer overflow vulnerabilities, they are almost required to understand assembly language and be familiar with debuggers.

However, the number of people learning low-level concepts such as assembly is decreasing over time. As a result, gaining a deep understanding of these topics is becoming increasingly challenging compared to the past.

This is also one of the reasons why I started this series — to push myself to learn and better understand these fundamental concepts.

Articles

(Coming soon…)

THANKS FOR READING