Join the esteemed senior security researcher and endpoint security engineer, as she takes you along a deep dive into the internals of the Windows 11 Operating System. Covering Windows 11 “21H2”, the upcoming “22H1”, and Server 2022. Read more...
This course provides students the skills and knowledge to develop their thin hypervisors as UEFI modules using Intel VT-x. This is a hands-on heavy class and will spend about half of the time with excesses. Read more...
This is 32 hour course trains students to do sophisticated program analysis using Binary Ninja and the Binary Ninja Python API for the purpose of vulnerability research with the goal of improving auditing processes, improving ability to identify interesting code paths, and encoding bug primitives. Read more...
The course focuses primarily on Windows malware and on the analysis, tweaking and re-purposing of real malware samples. Participants will be provided with plenty of custom code to facilitate the understanding of complex malware techniques. Read more...
As a student, you will be taught the essential tips and tricks on how to debug an embedded device and extract firmware, and you will also be taught some exploitation techniques for ARM and MIPS. But the main aim of this course is to provide students with the necessary knowledge to find a zero day vulnerability in a device and exploit it. Read more...
Few publicly-known hacks have inspired the imagination of security researchers as much as exploits against IM (instant messaging) applications. 0-click attacks aimed against applications such as WhatsApp, iMessage, and Telegram have raised unprecedented interest and have often caused political turmoil. Yet, in sharp contrast with the curiosity that IM exploitation generates, public information about this surface remains scant. This training is our bid to bridge the gap. Read more...
This training guides researchers through the field of Linux kernel security. In a series of exercise-driven labs, the training explores the process of finding, assessing, and exploiting kernel bugs in a modern Linux distribution on the x86-64 architecture. Read more...
First, this course will give you all the prerequisites to understand modern web browsers' architecture and significant components. Then, you will create and set up a testing environment allowing you to easily replay, debug, minimize and analyze existing issues, CVEs, and PoCs. Over dedicated modules, you will discover and fuzz the main browser components such as DOM, JS engines, JIT compilers, WebAssembly, and IPC. Read more...
This class is designed to introduce students to the best tools and technology available for automating vulnerability discovery and crash triage with a focus on delivering a practical approach to applying this technology in real deployments. Read more...
This class is ideal for students who want to go from zero to deep in understanding and exploiting real world vulnerabilities on Linux ARM64. Students shall study key differences between ARM32 and ARM64, dive into ARM64 assembly, debugging 64-bit processes and practically exploiting memory corruption vulnerabilities on ARM64. Read more...
Basic understanding of cellular networks, understanding of the interaction between baseband and base stations, understanding of typical baseband architectures, ability to identify and exploit vulnerabilities in the baseband, understanding the interaction between cellular processors and application processors, reverse engineering embedded firmware. Read more...
