This four-day course trains students to do sophisticated program analysis using Binary Ninja and the Binary Ninja Python API for the purpose of vulnerability research with the goal of improving auditing processes, improving their ability to identify interesting code paths, and encoding bug primitives. Read more...
This class is meant to show the approach an exploit developer or bug hunter should take in attacking a previously unknown component in the Windows kernel. The training is primarily focused around labs to teach the students what it takes to exploit a real-world vulnerability. Read more...
This training guides researchers through the field of Linux kernel exploitation. In a series of practical labs, the training explores the process of exploiting kernel bugs in a modern Linux distribution on the x86-64 architecture. Read more...
This course, modeled after Jonathan Levin's "*OS Internals: Volume III", takes a practical approach to explaining the security of Apple's operating systems, by explaining the various mechanisms employed by Apple to secure the system - and yet demonstrating how they fail, time and time again. Through case studies of jailbreaks and Pegasus (the only weapons-grade malware caught in the wild), the techniques for protecting the OS integrity - as well as measures used to bypass them - are detailed. Read more...
Few publicly-known hacks have inspired the imagination of security researchers as much as exploits against IM (instant messaging) applications. 0-click attacks aimed against applications such as WhatsApp, iMessage, and Telegram have raised unprecedented interest and have often caused political turmoil. Yet, in sharp contrast with the curiosity that IM exploitation generates, public information about this surface remains scant. This training is our bid to bridge the gap. Read more...
Full Stack Web Attack is not an entry-level course. It’s designed to push you beyond what you thought was possible and set you on the path to develop your own workflow for offensive zero-day web research. Read more...
Fault Injection is often the weapon of choice for breaking into devices when exploitable software vulnerabilities are not known or absent. While Fault Injection attacks are nowadays common, typical concepts, methodologies, techniques, and attacks are often not sufficiently understood. Read more...
The course will present an in-depth description of the techniques implemented in modern malware to evade defenders and security products (such as AV, IPS, IDS, EDR), and how attackers design and operate their implants in order to ensure a prompt redeployment after a detection or a public disclosure by researchers or security vendors. Read more...
Join the esteemed senior security researcher and endpoint security engineer, as she takes you along a deep dive into the internals of the Windows 11 Operating System. Covering Windows 11 “23H2”, the upcoming “24H2”, and Server 2022. Read more...
In this course, students will learn through hands-on exercises how to setup and operate multiple generations of cellular networks using open source components and software-defined radios, how to modify their code for generating customized traffic via programming interfaces and use them for mobile attacks, and how to approach the static and dynamic baseband firmware analysis and reverse engineering of the target devices. Read more...
As a student, you will be taught the essential tips and tricks on how to debug an embedded device and extract firmware, and you will also be taught some exploitation techniques for ARM and MIPS. But the main aim of this course is to provide students with the necessary knowledge to find a zero day vulnerability in a device and exploit it. Read more...
This class is designed to introduce students to the best tools and technology available for automating vulnerability discovery and crash triage with a focus on delivering a practical approach to applying this technology in real deployments. Read more...
