
Advanced Security: for Hackers and Developers

VDA Labs | August 6-7



Overview

Day 1 - IoT, Embedded, and Automotive
The first day is all about instruction and labs around finding bugs in embedded systems. We will describe the processes and likely targets, and begin a real-world hunt through interesting code to find and exploit bugs - just the type of activities security researchers, pentesters, and security engineers of all kinds might be asked to do.

We will do:
  • Firmware unpacking
  • Code analysis and reverse engineering
  • Bug hunting via static and dynamic techniques
  • Exploitation

Day 2 - Windows Browser and Kernel Hacking

ROP, EMET, & Use-after-free
  • Lecture: Browser vendors have added UaF protections
  • Lab: Bypass Isolated Heap and Deferred Free

Control Flow Integrity
  • Lecture: Describe a new feature in VS 2015 used to protect program execution
  • Lab: Bypass Microsoft's Control Flow Guard

Browser Extension Exploitation
  • Lecture: Discuss Flash and describe an exploit that was disclosed as part of the Hacking Team fiasco
  • Lab: Understand and work with the exploit

Kernel Debugging
  • Lecture: Discuss the Windows architecture, including the principles and components of the kernel
  • Lab: Learn how to debug system code

Kernel Auditing
  • Lecture: Windows drivers: how they work and how to find bugs in them
  • Lab: Find bugs in the provided driver code

Kernel Fuzzing
  • Lecture: Syscalls, IOCTLs, User/GDI, Networking/IO stacks, etc.
  • Lab: Perform GDI/Font fuzzing

Kernel Exploitation
  • Lecture: Teach about kernel exploits and defenses
  • Lab: Examine details of two kernel exploits: how ROP and actual elevation work

Who Should Take this Course

Anyone interested in hard-core code security and vulnerabilities. Security researchers, managers, testers, developers, security architects, etc. Folks from all industries will benefit from this deep class.

Student Requirements

It is recommended that you first take "Application Security: for Hackers and Developers" or have equivalent knowledge.

What Students Should Bring

Students are required to provide a laptop for the course. Your computer should have 100GB of free HD space and should have 8GB of RAM. Install either VMware Workstation/Player or Fusion ahead of time. You will need a USB port and an OS that can read the exFAT file system to copy the data. (Most Mac and Windows systems have that, but with Linux, check for the driver.) You may not share course media with non-students.

What Students Will Be Provided With

You will be given course material and multiple virtual machines. Copy them to your OS drive, and pass the portable media to your neighbor. You may not share any course material with non-students.

Trainers

Dr. Jared DeMott is the founder of the security company, Vulnerability Discovery & Analysis (VDA) Labs. DeMott is a former NSA security analyst, Microsoft BlueHat Prize winner, and was the CTO at Binary Defense. He's frequently quoted in media, and invited to speak at security events. You'll find fingerprints of his work across the InfoSec community: fuzzing, code auditing, exploitation, incident response, malware analysis, pentests, threat intelligence, and security training. When DeMott isn't leading a project, or bypassing a security control, he's enjoying time with his family outdoors.