The ARM64 Exploit Laboratory 

The ARM64 Exploit Laboratory is a brand new class. 64-bit ARM CPUs, having already dominated the world of mobile devices, are starting to take centre stage in desktop and server computing.

This class is ideal for students who want to go from zero to deep in understanding and exploiting real world vulnerabilities on Linux ARM64. Students will study key differences between ARM32 and ARM64, dive into ARM64 assembly, debugging 64-bit processes and practically exploiting memory corruption vulnerabilities on ARM64. The class also covers practical Infoleak techniques, bypassing Stack Canaries and applying ARM64 Return Oriented Programming (ROP) techniques for exploiting real world software. Students will have ample time for hands on exercises to sharpen their exploitation skills.



Course Topics

Part 1: Foundations

ARM64 Assembly, Debugging, 64-bit Memory Layout:

ARM64 Shellcode, Simple ROP Chains, End to End Exploit:

Part 2 - Real World Case Study - Exploiting a Production Web Server

Practical Infoleaks and bypassing 64-bit ASLR:

Practical ARM64 ROP Chains:

Bypassing Stack Cookies:


Hardware Requirements

Software Requirements


Saumil is an internationally recognised speaker and instructor, having regularly presented at conferences like Blackhat, RSA, CanSecWest, PacSec, EUSecWest,, Hack-in-the-Box, Deepsec and others. He has authored two books titled "Web Hacking: Attacks and Defense" and "The Anti-Virus Book".

Saumil graduated with an M.S. in Computer Science from Purdue University, USA and a B.E. in Computer Engineering from Gujarat University. He spends his leisure time breaking software, flying kites, traveling around the world, and taking pictures.


To Register

Click here to register.