This course aims to equip students with the necessary skills to leverage modern AI tools for enhancing and automating vulnerability discovery and code analysis. The primary focus of the course will be on code analysis and auditing, with a particular emphasis on vulnerability research. Read more...
A 4-day Linux kernel exploitation frenzy! This training guides researchers through the field of Linux kernel exploitation. In a series of practical labs, the training explores the process of exploiting kernel bugs in a modern Linux distribution on the x86-64 architecture. Read more...
This course aims to provide a comprehensive understanding of the architecture of modern EDRs and their underlying Antivirus (AV) systems. It delves deeply into the complexity of modern EDRs, their structure, including the components responsible for real-time monitoring, data collection, and threat analysis. Read more...
This class is designed to introduce students to the best tools and technology available for automating vulnerability discovery and crash triage with a focus on delivering a practical approach to applying this technology in real deployments. Read more...
This class is meant to show the approach an exploit developer or bug hunter should take in attacking a previously unknown component in the Windows kernel. The training is primarily focused around labs to teach the students what it takes to exploit a real-world vulnerability. Read more...
As a student, you will be taught the essential tips and tricks on how to debug an embedded device and extract firmware, and you will also be taught some exploitation techniques for ARM and MIPS. But the main aim of this course is to provide students with the necessary knowledge to find a zero day vulnerability in a device and exploit it. Read more...
This 4 day class is designed to teach students the features of C++ that are most commonly encountered in binaries, their implementation details, and how to cope with them in Hex-Rays while reverse engineering. The class also covers Hex-Rays as a tool in great detail. Read more...
Web browsers are among the most widely used and essential software globally. With millions of lines of code, they manage, sanitize, and interpret various types of untrusted web data. This training will focus on applying various fuzzing techniques to uncover critical vulnerabilities in different web browser implementations. Read more...
Join the esteemed senior security researcher and endpoint security engineer, as she takes you along a deep dive into the internals of the Windows 11 Operating System. Covering Windows 11 “24H2”, the upcoming “25H2”, and Server 2022 and 2025, you’ll unravel the secrets of how GRU bootkits, PLA software supply chain implants, NSA backdoors, and other kernel and firmware malware work. Read more...
Few publicly-known hacks have inspired the imagination of security researchers as much as exploits against IM (instant messaging) applications. 0-click attacks aimed against applications such as WhatsApp, iMessage, and Telegram have raised unprecedented interest and have often caused political turmoil. Yet, in sharp contrast with the curiosity that IM exploitation generates, public information about this surface remains scant. This training is our bid to bridge the gap. Read more...
