Immunity Master Class
The Immunity Master Class focuses on modern exploit development and vulnerability discovery techniques. Intermediate to advanced exploit development skills are recommended for students wishing to take the Master class. Immunity's trainers have developed a Prerequisite Evaluation for all potential students to take prior to signing up for the Master class. This evaluation will help ensure that this class is right for you.
For additional information, pricing quotes, or a copy of the Prerequisite Evaluation, please send an email to training@immunityinc.com.
Master Class Syllabus*
Day 1: Finding bugsAdvanced C Auditing
Day 2: Java Auditing and Exploitation
Introduction to the Java Sandbox
Security Manager & Access Controller
Permission
The ClassLoader
Java Reflection
Environment Set-up
Old bug classes
doPrivileged
Deserialization
Trusted Chain
New Bug Classes
Immediate Trusted Caller
Exploitation Techniques
Day 3: Linux Kernel Exploitation I
Introduction to the Kernel
Userland vs Kernel land
Setting a debugging environment
Kernel internals
Taxonomy of a Kernel Vulnerability
Not initialized/corrupted pointer dereference
Stack Overflow
Userland not validated pointer dereference
Tracing data and automatically generating new inputs
Whitebox fuzzing - Using SMT solvers to fuzz for bugs
Day 4: Linux Kernel Exploitation II
Generic Kernel Pool Overflow
Kernel Cache Pool Overflow
Non-contiguous memory area overflow
Buffer overflow
NULL dereference
Arbitrary dereference
Logical Bugs
Race condition
Integer Overflow
Reference count overflow
Protections
Shellcode on the kernel (Execution, Triggering, Information Gathering)
Past / Present / Future
Day 5: Windows Kernel exploitation
Debugging environment setup
Kernel debugging principles
Windows kernel architecture
Kernel-land vs user-land
Kernel shellcoding
Kernel structures
Token stealing
Past vulnerabilities & how to find them
Protocols
IOCTL & FSCTL
Window management
Arbitrary overwrite exploitation
Recent techniques
Hands-on Exploitation
Custom vulnerable driver
Real vulnerabilities
* Class syllabus is subject to change.