Black Hat USA 2015: Targeted Attacks

Many Black Hat Trainings teach generalized techniques applicable to many domains, but today we're highlighting three Black Hat USA 2015 Trainings that will focus on exploiting specific operating systems.

Black Hat Staff, Contributor

May 7, 2015

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Windows kernel security has improved a lot over the years, but there are still ways to circumvent the protections and let a rootkit set up shop. Speaking of which, Windows Kernel Rootkit Techniques will be an advanced Training that provides an end-to-end view of rootkit infection by diving deep the workings of the Windows kernel and examining how malware exploits its weaknesses. This sold-out Training will provide all the tricks of Windows kernel exploitation across four busy days.

If Android is more your cup of Java, then you'll want to check out Appsec Labs' Android Application Hacking - Pentesting Mobile Apps. Starting from square one -- as in, what's an APK? -- you'll learn about the Android security model and how to perform static analysis, traffic manipulation, memory dumps, debugging, code modification and dynamic analysis, with an aim toward full exploitation. Throughout, you'll get to play with the AppUse custom VM for Android app pentesting, which was created, coincidentally, by the instructors.

Last but not least -- it's already sold out! -- is Offensive Security's Advanced Windows Exploitation. This four-day intensive will challenge attendees to develop creative exploits that can dance around Microsoft's latest mitigations. The Training will cover techniques ranging from precision heap spraying and DEP and ASLR bypass, to real-world 64-bit kernel exploitation and EMET bypasses, with lots of hands-on lab work and coverage of vulnerabilities discovered by Offensive Security themselves.

Black Hat USA 2015 will occur at the Mandalay Bay resort in Las Vegas. It goes down August 1-6, so there's plenty of time to lock in early-bird discounts.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights