The Sandbox Roulette - Are You Ready For The Gamble?

Offered By: Black Hat via YouTube

Course Description

Overview

Explore the vulnerabilities and limitations of application sandboxes in this Black Hat EU 2013 conference talk. Dive into the "Sandbox Roulette" as presenters Rafal Wojtczuk and Rahul Kashyap demonstrate various exploit vectors targeting Windows Operating System vulnerabilities and assess how different commercial sandboxes fare against each attack. Gain insights into the growing trend of application sandboxing in enterprise security, the lack of standardization, and the potential risks when malware analysts use sandboxes. Examine the architectural decomposition of sandboxing technologies, comparing different vendor solutions and evaluating their effectiveness in protecting enterprise data and infrastructure. Learn about sophisticated malware techniques likely to target sandboxes in the future, and discover the real solutions to enhance sandbox security.

Syllabus

Intro
Types of Sandboxes
Windows Internals
State of Windows Security
How does Sandbox work
Example
OS Enhancement Based Sandbox
The Problem
First Vulnerability
Bypass the Sandbox
BufferZone Pro Bypass
Secret File Bypass
Type 2 Sandboxes
Type 2 Sandbox
Chromium Sandbox
Chromium Documentation
Chrome Sandbox Demo
Can the Sandbox Stand Ground
Adobe Reader Exploit
Chrome Exploit
Untrusted Integrity Level
Podium Contest
Kernel Vulnerability
TrueType Vulnerability
Duotext Vulnerability
Methodology
TrueType Vulnerabilities
Acrobat Reader
Result
Windows kernel vulnerabilities
Alternatives
The Real Solution


Taught by

Black Hat
