Vulnerability Development Master Class
Since our inception, Exodus Intelligence has provided training courses on a variety of advanced subjects which have consistently been filled with students from around the world. Over the last few years, we’ve hosted Master Classes in the USA, Asia, and Europe–both publicly and privately (by request).
Once again, our flagship course–the Vulnerability Development Master Class–returns with new content, taught by recognized experts. Known as some of the best in the industry, Exodus instructors are armed with real-world experience, as well as multiple Pwn2Own victories and PWNIE awards.
This 5-day course is designed to elevate each participant’s skill set in vulnerability discovery and exploitation from novice to expert. The material for this class will be exclusive zero-day in widely used software. Every target is a real application with a leading market share. We believe adhering to real-world examples helps students understand, in context, the severity of the flaws they unearth.
Dates & Locations
The dates and location are as follows (venue information will be distributed to registered attendees):
- October 17th-21st: Austin, Texas
If we receive sufficient interest in hosting additional events, the above list may expand. Reach out to us via training@exodusintel.com or on twitter via @XI_Research for any inquiries.
Prerequisites
In order to fully benefit from this course, participants should have working knowledge of at least one assembly language (x64/x86 is preferred), vulnerability classes and their related exploitation. Each participant is expect to bring their own laptops with the following software:
- IDA Pro
- Vmware Workstation
Abstract
This 5-day course is designed to provide students with a comprehensive and progressive approach to understanding advanced vulnerability and exploitation topics. Attendees will be immersed in hands-on exercises that impart valuable skills, including:
- Static and dynamic reverse engineering
- Zero-day vulnerability discovery
- Advanced exploitation of widely deployed server and client-side applications
Taught by some of Exodus Intelligence’s leading experts, this course provides students with direct access to our renowned professionals in a setting conducive to individual interactions.
Syllabus
Targets
The majority of the content will be directed at Microsoft Windows targets. There are a few brief sessions covering exploitation of a popular embedded system to arm attendees with advanced exploitation techniques unique to embedded chips.
Activities
Each session of the course is designed to address at least one of the three main activities related to Vulnerability Research: Discovery, Analysis, and Exploitation.
Techniques
The sessions are designed to provide insight into the most effective and advanced techniques in the industry. Each session is designed to highlight each technique’s advantages and disadvantages. Attendees will be exposed to competing techniques for the same solution. Ultimately, attendees will leave our course with the knowledge of each approach and the ability to choose the optimal approach for the circumstances.
- Vulnerability Discovery
- CPU-Specific Exploitable Bugs
- OS-Specific Exploitable Bugs
- Wide Variety of Memory-based Bug Classes
- UAF, Double Free
- Type Confusion
- Integer Signedness
- Integer Sizing
- Unchecked Boundary Values
- Static Binary Code Auditing
- Obtaining Context
- Recognizing Data Structures
- Manual Code Coverage Techniques
- Reconstructing Type Information
- Eliminating Noise
- Recognizing Exploitable Vulnerability Code Constructs
- IDA Scripting to Reduce Complexity
- Dynamic Discovery
- Manual Fuzzing
- Crash Binning
- Measuring and Enhancing Code Coverage
- Code Flow Analysis
- Taint Propagation
- Vulnerability Analysis
- Static Analysis
- Identifying Exploit Constraints
- Recognizing the Code Path
- Crafting the Data Stream
- Dynamic Analysis / Crash Triage
- Discovering Engineering Features
- Debugging a Live Target
- Root Cause Determination
- Debugger Scripting
- Heap Instrumentation
- Code Flow Analysis
- Taint Analysis
- Static Analysis
- Exploitation
- Memory Management Constraints
- Stack Exploitation Nuances
- x64 vs x86 vs MIPS
- Heap Exploitation Nuances
- Bug Class Mechanics
- OS-Specific Mechanics
- Product-Specific Mechanics
- Technique-Specific Mechanics
- Stack Exploitation Nuances
- Memory-Based Exploit Mitigations & Bypasses
- Bypassing Current Technology
- EMET
- ASLR
- DEP
- CFI
- /GS
- Future Anti-ROP Technology
- Binary Randomization
- Stack Pointer Delta Checks
- Bypassing Current Technology
- Post Exploitation
- Elevation of Privilege
- Cleanup Activities
- Moving From PoC to Production
- Ensuring Reliability
- QA Considerations
- Maintenance Considerations
- Memory Management Constraints
Pricing and Registration
The cost for the 5-day course is $6500 USD per student. Register here and pay via stripe, or you can e-mail training@exodusintel.com to register and we will supply an invoice. We have also made available this template request form for individuals to help justify attendance to management.