'Zero-days' and 'exploits' are terms that are frequently thrown about. Their inner workings, however, may not be widely understood.
This workshop will demystify the art of exploitation and uncover techniques used by attackers to bypass exploit mitigations and weaponised vulnerabilities. At the end of the workshop, attendees will be able to develop a working exploit that achieves arbitrary code execution.
Who Should Attend
- Application Developers
- IT security personnel who wish to gain insights into how attackers exploit software
Instructions for Attendees
- Bring along an Internet-enabled laptop (installed with VMWare 14 and above, or VirtualBox 6 and above)
- Ensure laptop is able to launch 64-bit Windows 10 virtual machine (virtual machine will be provided on actual day)
- Be comfortable with Windows environment
- Be familiar with C++
- Be able to read x86-64 assembly
- Be familiar with WinDbg as it will be the tool of choice for debugging
- Understand the concepts of stack and heap in terms of memory management will be advantageous