LECTURE DETAILS
This class will demonstrate the approach an exploit developer or bug hunter should take in attacking a previously unknown component in the Windows kernel.
After detailing the Windows kernel internals applicable to many Windows kernel vulnerabilities, the training is primarily focused around labs to teach what it takes to exploit a real-world vulnerability in a new target component.
Prerequisites
* Familiarity with x86/x64 assembly
* C knowledge (reading/writing)
* Userland exploitation on Windows or Linux
* Some familiarity with common memory corruption techniques
* Familiarity with disassemblers (IDA, Ghidra, etc)
* Familiarity with debuggers (WinDbg, x64dbg, gdb, etc)
Who should attend
* Reverse engineers
* Exploit developers
* Bug hunters
Hardware/Software requirements
* Base OS: Windows, OS X, Linux
* VMware virtualisation software
* At least 80GB of free disk space
* At least 8GB of RAM
* 2 VMs will be provided: debugger/development VM and vulnerable VM (the host can be used instead of the debugger VM if Windows-based)