Learn the internal workings and usage of standard public tooling for vulnerability research (and understand any deficiencies).Develop custom tooling to assist with vulnerability research on Windows.Practical experience leveraging fuzzing on real targets, with the ability to target arbitrary software with fuzzing techniques (file parsers, network protocols, kernel drivers, etc), there will also be exercises where the student can fuzz and find vulnerabilities in targets of their own choosing (user-land or kernel-land targets).Windows internals explained relating to the windows kernel, hypervisors, user-land components (IPC, named pipes, shared memory, + more).Exercises targeting real software to demonstrate finding real 0-days in code (with live 0-days demonstrated against some target software).Multiple hands-on exercises for each section, including cheat sheets for tool usage and tips.
0 kommentar(er)
