YoVDO

eBPF ELFs JMPing Through the Windows

Offered By: Ekoparty Security Conference via YouTube

Tags

Ekoparty Security Conference Courses Security Vulnerabilities Courses Fuzzing Courses

Course Description

Overview

Explore the first public analysis of eBPF for Windows implementation for security vulnerabilities in this 42-minute conference talk from Ekoparty 2022. Delve into the capabilities and security model of eBPF for Windows, followed by an in-depth examination of its design and attack surface, including the eBPF API, trusted static verifier, JIT engine, and kernel implementation of trace hooks and telemetry providers. Discover uncovered vulnerabilities across multiple layers, with demonstrations of fuzzing Windows eBPF components and real-time bug discovery. Learn from Richard Johnson, a seasoned computer security specialist with over 20 years of experience, currently serving as Senior Principal Security Researcher at Trellix and Chief Research Officer at Fuzzing IO.

Syllabus

Richard Johnson - eBPF ELFs JMPing Through the Windows - Ekoparty 2022


Taught by

Ekoparty Security Conference

Related Courses

Case Studies in Embedded VR - Silvio Cesare - Ekoparty Security Conference - 2022
Ekoparty Security Conference via YouTube
The Making of an Aerospace Village Badge - Dan Allen - Ekoparty 2021: Patagon Aerospace
Ekoparty Security Conference via YouTube
IIoT, Data Infrastructure, Smart Factory - Sarka Pekarova - Ekoparty 2021: OT - IIOT - IOT Space
Ekoparty Security Conference via YouTube
Gotham City- SSH from Zero to Trust - Lucas Calisi - Ekoparty Security Conference - 2021
Ekoparty Security Conference via YouTube
Sleight of ARM- Demystifying Intel Houdini - Brian Hong - Ekoparty 2021- Hardware Hacking Space
Ekoparty Security Conference via YouTube