Cover Coming Soon

From Day Zero to Zero Day

by Eugene Lim
April 2025, 304 pp.
ISBN-13: 
9781718503946
Use coupon code PREORDER to get 25% off!

 

Vulnerability research is one of the most effective ways to prevent zero-day attacks, making it a highly sought-after skill set in the cybersecurity realm. This book is designed to help newcomers navigate the intersection of disciplines needed to find unknown security flaws before they can be exploited. In it, author Eugene “Spaceraccoon” Lim—an award-winning white-hat hacker—presents a comprehensive roadmap of starter strategies in vulnerability research that will enable you to begin hunting zero days right away. Delving into the intricacies of code review, reverse-engineering, fuzzing, and more, Lim guides you step-by-step on how to discover real-world vulnerabilities in the wild. Even experienced researchers can benefit from Lim’s insights, expanding their toolkits and discovering new zero days along the way.

Learn how to:

  • Strategically select appropriate targets for vulnerability research
  • Master the art of code review and automate variant analysis
  • Reverse-engineer software with a focus on discovering vulnerabilities
  • Bootstrap fuzzing harnesses and analyze crashes
  • Develop exploits and proof-of-concepts

From Day Zero to Zero Day is your gateway to mastering vulnerability research—an increasingly critical domain in safeguarding our digital landscape.

Author Bio 

Eugene Lim is a security researcher and white hat hacker. From Amazon to Zoom, he has helped secure applications from a range of vulnerabilities and was ranked #2 globally on the Hackerone leaderboard. In 2019, he won the Most Valuable Hacker award at the H1-213 live hacking event in Los Angeles organized by Hackerone, the US Air Force, the UK Ministry of Defense, and Verizon Media. In 2021, he was 1 of 5 selected from a pool of 1 million white hat hackers for the H1-Elite Hall of Fame. His work has been featured at top conferences such as Black Hat, DEF CON, and industry publications like WIRED and The Register.

Table of contents 

Introduction

Part I: Day Zero
Chapter 1: Day Zero

Part II: Code Review
Chapter 2: Taint Analysis
Chapter 3: Mapping Code to Attack Surface
Chapter 4: Automated Variant Analysis

Part III: Reverse Engineering
Chapter 5: Binary Taxonomy
Chapter 6: Source and Sink Discovery
Chapter 7: Hybrid Binary Analysis

Part IV: Fuzzing
Chapter 8: Quick-and-Dirty Fuzzing
Chapter 9: Coverage-Guided Fuzzing
Chapter 10: Fuzzing Everything

Part V: Zero Day
Chapter 11: Zero Day

The chapters in red are included in this Early Access PDF.