Exploit Advanced Course

This 5-day course will provide a very practical training for skills needed in exploitation research and malware analysis. We will start to develop the knowledge of techniques learned in the “Malware and Exploit Essentials Course” further and strengthen the practical experience with them. Advanced topics (like Heap memory or Kernel) will then be introduced and trained in hands-on tasks to understand how these techniques work and help to better defend against them.

Please be aware of the fact, that the situation with the course could change due to the effects of the COVID-19 pandemic, therefore do not any travel arrangement or booking before the confirmation.

Learning Objectives

  • Very good practical knowledge in fundamental exploitation techniques
  • Introduction to advanced exploitation techniques on Linux and Windows systems
  • Exploitation in Heap memory
  • Introduction for Kernel exploitation
  • Advanced static and dynamic analysis of binaries

Target Audience

  • Technical staff of CERTs, IT departments or other governmental or military entities being involved in technical IT security or cyber defence.

Outline

  • Refresh and extend basic skills
    • Buffer overflows
    • ASLR bypass
    • ROP Chain
    • Static and dynamic analysis
  • Advanced exploitation techniques
    • Windows
    • Linux
  • Introduction to exploitation in heap memory
  • Kernel exploitation
  • Mitigation mechanisms against Exploitation in operating systems
  • Advanced static and dynamic analysis

Prerequisites

  • Attended “Malware and Exploit Essentials Course” or good and practical knowledge about the basic techniques in Exploit Research.
  • Good work experience in Linux and Windows environments, especially command line.
  • Understanding of assembly and higher programming languages.
  • Programming experience in assembly, C(++) and/or PYTHON.
  • English language skill comparable to STANAG 6001, 3.2.3.2.

 

NB! Please be aware of the strong technical nature of this course: this is not a course for beginners. Note that we most strongly discourage the participation of students who do not fulfil the prerequisites, since the course contains advanced lab sessions assuming this knowledge. Therefore, the presence of unskilled attendees is likely to hinder the overall progress of the course.

Registration

Registration opens on 12nd of April, 2021. Applicants from CCDCOE member nations should use the registration code provided by their national Point of Contact. An email confirming the participation will be sent only after the registration has closed.

If you have any questions or issues with registration, please contact [email protected]