USA 2015: Targeted Attacks
Many Black Hat Trainings teach generalized techniques applicable to many domains, but today we're highlighting three Black Hat USA 2015 Trainings that will focus on exploiting specific operating systems.
Windows kernel security's improved a lot over the years, but there are still ways to circumvent the protections and let a rootkit set up shop. Speaking of which, Windows Kernel Rootkit Techniques will be an advanced Training that provides an end-to-end view of rootkit infection by diving deep the workings of the Windows kernel and examining how malware exploits its weaknesses. This sold out Training will provide all the tricks of Windows kernel exploitation across four busy days.
If Android is more your cup of Java, then you'll want to check out Appsec Labs' Android Application Hacking - Pentesting Mobile Apps. Starting from square one -- as in, what's an APK? -- you'll learn about the Android security model and how to perform static analysis, traffic manipulation, memory dumps, debugging , code modification and dynamic analysis, with an aim toward full exploitation. Throughout you'll get to play with the AppUse custom VM for Android app pentesting, which was created, coincidentally, by the instructors.
Last but not least -- it's already sold out! -- is Offensive Security's Advanced Windows Exploitation. This four-day intensive will challenge attendees to develop creative exploits that can dance around Microsoft's latest mitigations. The Training will cover techniques ranging from precision heap spraying and DEP and ASLR bypass to real-world 64-bit kernel exploitation and EMET bypasses, with lots of hands-on lab work and coverage of vulnerabilities discovered by Offensive Security themselves.
Black Hat USA 2015 will occur at the Mandalay Bay resort in Las Vegas. It goes down August 1-6, so there's plenty of time to lock in early-bird discounts.