This course starts by enumerating the Android kernel attack surface (from an LPE perspective) describing any sandboxing options that may limit this attack surface. Though the course is mostly self-contained and there's a brief refresher on arm64 architecture, attendees should be already familiar with this architecture / instruction set. Read more...
For the first time ever, join both the co-author of the Windows Internals book series from Microsoft Press, as well as an esteemed security researcher and endpoint security engineer, as they take you along a deep dive into the internals of the Windows NT kernel architecture. Read more...
This training will focus on the cellular chip, also known as the baseband processor. It is generally perceived that a significant amount of knowledge is required to do baseband research and this poses a barrier to entry into this field for some. In this training we will show that baseband exploitation is not particularly different from other more traditional targets. Students will learn the basics of cellular networks and how to identify, analyze and exploit baseband vulnerabilities. Read more...
Web browsers are among the most utilized consumer facing software products on the planet. As the ubiquitous gateway to the internet, browsers introduce significant risk to the integrity of personal computing devices. This course will focus specifically on Google Chrome and Apple Safari. Read more...
This course is tailored for malware analysts, system developers, forensic analysts, incident responders, or enthusiasts who want to analyze Windows kernel rootkits or develop software for similar tasks. It introduces the Windows architecture and how various kernel components work together at the lowest level. It discusses how rootkits leverage these kernel components to facilitate nefarious activities such as hiding processes, files, network connections, and other common objects. As part of the analytical process, we will delve into the kernel programming environment; we will implement some kernel-mode utilities to aid our understanding. Read more...
"There's an ARM on every desktop, and Intel in the iPhone baseband". The world of ARM IoT devices is growing rapidly. Routers, IP cameras, Network video recorders, VoIP systems and several other "smart" appliances are now running on ARM SoCs. While the hardware is the latest and greatest, the software running on it is a different story. Read more...
This class is designed to introduce students to the best tools and technology available for automating vulnerability discovery and crash triage with a focus on delivering a practical approach to applying this technology in real deployments at any scale. Read more...
This four-day course contains a thorough introduction to static reverse engineering, the act of deriving meaning from assembly language code simply by reading it. The course has been heavily classroom-tested, having been taught over two dozen times. Read more...
In this four day training participants will take a deep dive into topics related to iOS 12/13 userpace level exploitation. This starts with an introduction into the specifics of the iOS platform so that trainees with or without deep knowledge of iOS are on the same track. The following days will then concentrate on real world vulnerabilities in applications, daemons, services and Apple's iMessage. Read more...
