YoVDO

EBPF ELFs JMPing Through the Windows

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Windows Security Courses Fuzzing Courses eBPF Courses

Course Description

Overview

Explore the capabilities, security model, and implementation details of eBPF for Windows in this comprehensive Black Hat conference talk. Delve into the eBPF API, trusted static verifier, JIT engine, and kernel implementation of trace hooks and telemetry providers. Uncover vulnerabilities across multiple layers through demonstrations of fuzzing Windows eBPF components and real-time bug discovery. Examine the challenges of exploiting memory corruption in the eBPF implementation on Windows, particularly within the context of Windows Protected Processes. Gain valuable insights into the design and attack surface of this powerful technology, presented by Richard Johnson over the course of 40 minutes.

Syllabus

eBPF ELFs JMPing Through the Windows


Taught by

Black Hat

Related Courses

Security Principles
(ISC)² via Coursera A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera FinTech for Finance and Business Leaders
ACCA via edX Access Control Concepts
(ISC)² via Coursera Access Controls
(ISC)² via Coursera