SEARCH
TOOLBOX
LANGUAGES
Difference between revisions of "Training 2016 - Windows Kernel Exploitation"

Difference between revisions of "Training 2016 - Windows Kernel Exploitation"

From BruCON 2017

Jump to: navigation, search
(Created page with "=Windows Kernel Exploitation= ===Course Description=== This training is focused on exploitation of different Windows Kernel Mode vulnerabilities ranging from Pool Overflow t...")
 
m (Protected "Training 2016 - Windows Kernel Exploitation" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)))
(No difference)

Revision as of 15:24, 24 May 2016

Windows Kernel Exploitation

Course Description

This training is focused on exploitation of different Windows Kernel Mode vulnerabilities ranging from Pool Overflow to Use after Free. We will cover basics of Windows Kernel Internals and hands-on fuzzing of Windows Kernel Mode drivers. We will dive deep into exploit development of various kernel mode vulnerabilities. We will also look into different vulnerabilities in terms of code and the mitigations applied to fix the respective vulnerabilities.

Upon completion of this training, participants will be able to:

  • Learn basics of Windows Internals
  • Understand how to fuzz Windows Kernel mode drivers to find vulnerabilities
  • Learn the exploit development process in Kernel mode
  • Understand how a vulnerability looks like in driver code
  • Understand how a vulnerability can be mitigated

Course contents

Target audience

This course is for penetration testers, mobile developers or anyone keen to learn mobile application security

Hardware/software Requirements

Trainer Biography

Prateek.Gianchandani.jpg

Prateek Gianchandani, an OWASP member and contributor has been working in the infosec industry for about 5 years. During his five years, he has performed a number of penetration tests on mobile and web applications and even developed a lot of applications for the App Store. His core focus area is iOS application pentesting and exploitation. He is also the author of the open source vulnerable application named Damn Vulnerable iOS app. He has presented and trained at Conferences like Defcon, Blackhat USA, Brucon, Hack in paris, Phdays etc.


300px-twitter-icon.jpg @prateekg147

Links :

Mon. 24 - 26 October 2016 (09:00 - 17:00) (3-day)

Register.jpg

Back to Training Overview