Course is dedicated for software and security engineers who are willing to learn byte-level work with the computer on user and kernel space level of Linux, Windows OS. The main purpose for attendees is to understand how binaries and systems work and how to attack them.
Pre-requisites:
- C, Go, Python programming
- Terminal/CMD expertise
- Laptop with equal or stronger specifications: Intel core i3-8xxx, 8GB RAM, 60GB free space.
1. Linux. User space. Syscalls
2. ELF debugging: gdb, r2, NSA ghidra, IDA
3. Stack buffer overflow (user space BOF). NX bit, StackGuard, ASLR
4. Linux. Kernel space. Mitigation.
Introduction Linux kernel space exploitation. Modern defence mechanisms’ mitigations (KASLR, SMAP, SMEP, kPTI). ROP introduction (return-oriented-programming)
5. Linux kernel. BOF
Practical introduction with kernel exploitation with solving a task with BOF vulnerability.
6. Linux kernel. UAF
Practical introduction with Use-After-Free exploitation in kernel space
7. Linux kernel. UAF
Practical introduction with Use-After-Free exploitation in kernel space
8. Development and nature of rootkits.
Linux rootkit. eBPF
