Advanced Exploitation

As we learned in the first course (Security: For Hackers and Developers), there are almost always bugs in code. We found them by auditing, fuzzing, and reversing code. Then we crafted exploits. To counter this reality, vendors have developed a variety of protections.
Day 1: Browser Exploitation

In this class we continue the battle. We describe a number of modern day protections: things like EMET, Isolated Heap, and CFG. We then perform hands-on lab work to show how bypasses can be constructed. This build-and-break teaching style provides the tools for vulnerability researchers, security engineers, and developers to perform cutting edge research of their own.

Day 2: Kernel Exploitation

The second half of the class is all about the kernel. You will learn how to debug, audit, fuzz, and exploit kernel code. The class is fast pasted, but low stress and fun. Prepare to learn!

It is recommended that you first take “Application Security: for Hackers and Developers” or have equivalent knowledge

TRAINING COURSES OFFERED

The following standard courses are regularly conducted by VDA Labs – to see the next upcoming sessions, check the upcoming list to the right.

Application Security: For Hackers and Developers

Advanced Exploitation

Advanced Malware Training

Binary Ninja Training

Deeper Investigations for the SOC

Security Leadership Training

For any VDA class students should bring:

  • Modern laptop capable of playing a VM (player, workstation, or fusion)
  • Plenty of HD (at least 70 GB free), CPU (at least 4 cores), and RAM (at least 8 GB)
  • You’ll need a USB port to copy the VM media to your HD