Instructor:Jeremy Blackthorne
Dates: May 30- June 2 2022
Location: Hilton Double Tree
Capacity: 20 Seats
This training will teach students without prior experience how to develop exploits for modern binary software, taking them from 1990s style buffer overflows through contemporary exploitation in programs protected by stack canaries, NX, RELRO, and ASLR. The training will focus on exploiting Linux user mode x86/x64 binaries, but the lessons learned from the class are widely applicable to other platforms and architectures. Students will learn to reason about the fundamental structures that give rise to software vulnerabilities and the various techniques used to exploit them.
The course is primarily hands-on-keyboard exercises rather than lecturing, but will introduce diagrams and theory as needed.
Prerequisites:
Students are expected to have experience programming in C or C++, and basic knowledge of the Linux command line. Prior experience with reverse-engineering is nice to have, but not required.
Software Requirements:
VMWare or VirtualBox to run a Linux VM (all exercises will be in the Linux VM)
Jeremy Blackthorne (0xJeremy) is co-founder and lead instructor of the Boston Cybernetics Institute (@BosCybernetics). He is a former researcher of MIT Lincoln Laboratory, specifically the Cyber System Assessments group, where his research focused on building and breaking cybersecurity solutions for the military. Before that, Jeremy served in the United States Marine Corps and completed three tours in Iraq. He is currently a PhD candidate in computer science at RPI focusing on anti-analysis techniques in computer programs and is a proud alumnus of RPISEC.
Click here to register.