Assured Exploitation training in NYC

[Alexander Sotirov <alex () sotirov net>]

Dino Dai Zovi and I will be giving a special New York City edition of our
Assured Exploitation training class next month. If you missed our last
training at CanSecWest, you now have a chance to take it in New York.
The training will be on June 8th and 9th, right before the weekend of
SummerCon, New York's premier security conference.

Many security professionals have mastered stack overflows and heap
spraying, but these techniques are no longer sufficient when developing
exploits on modern platforms. Reliable exploitation on Vista and Windows 7
requires advanced techniques such as heap layout manipulation, return oriented
programming and ASLR information leaks. Our course focuses on teaching the
principles behind these techniques and will give the students hands-on
experience developing real-world exploits. Each student will finish the class
with their own personally-developed exploit for the Aurora use-after-free
vulnerability in Internet Explorer that evades ASLR and DEP and reliably
exploits Windows 7.

The class curriculum also includes:

* In-depth review of GS, ASLR, DEP, SafeSEH and SEHOP exploitation mitigations
* Heap implementation details and manipulation of the heap state on Windows 7
* Building primitives for heap layout control in new applications
* Multistage stack pivots
* Return oriented programming and shellcode development
* Implementing a universal bypass of DEP and ASLR in Internet Explorer

For a full outline of the course and registration information, please see
http://trailofbits.com/2011/05/03/nyc-assured-exploitation-training/

Take care,
Alex

Attachment: _bin
Description:

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave