YoVDO

Bochspwn - Identifying 0-Days via System-Wide Memory Access Pattern Analysis

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Operating Systems Courses Race Conditions Courses Windows Kernel Courses

Course Description

Overview

Explore an innovative approach to discovering kernel vulnerabilities through dynamic CPU-level instrumentation in this Black Hat USA 2013 conference talk. Delve into the "Bochspwn" project, which utilizes memory access patterns to identify potential race conditions in user-mode memory interactions. Learn about various implementation methods and discover how this technique uncovered approximately 50 local elevation of privilege vulnerabilities in the Windows kernel. Gain insights into the evolution of automated vulnerability discovery and its impact on kernel security. Understand the limitations of current kernel code coverage techniques and the importance of addressing kernel-specific bug classes. Witness the open-sourcing of the Bochspwn tool and explore opportunities for further development and testing of this groundbreaking approach to enhancing system security.

Syllabus

Black Hat USA 2013 - Bochspwn: Identifying 0-days via System-wide Memory Access Pattern Analysis


Taught by

Black Hat

Related Courses

Paradigms of Computer Programming – Abstraction and Concurrency
Université catholique de Louvain via edX
Concurrency in Go
University of California, Irvine via Coursera
Многопоточность
Moscow Institute of Physics and Technology via Coursera
Introduction to Ethereum DeFi Smart Contract Security & Exploits
Coursera Project Network via Coursera
Concurrency in Go (Golang)
Udemy