Kernel Mode Threats and Practical Defenses

Black Hat via YouTube

Improving our tradecraft

13 of 30

YouTube videos curated by Class Central.

Classroom Contents

  1. Introduction
  2. Why this talk
  3. First generation kernel threats
  4. Microsoft's defenses
  5. Boot Kits
  6. Secure Boot
  7. Duqu Threats
  8. Double Pulsar
  9. Hypervisor Code Integrity
  10. Red vs Blue
  11. Implant Design
  12. Turla Driver Loader
  13. Improving our tradecraft
  14. Data-driven attacks
  15. Code reuse attacks
  16. Kernel stack hooking
  17. Calling a function
  18. Read/write primitive
  19. Demo
  20. Blacklist of known exploitable drivers
  21. How to hunt in the kernel
  22. Page table remapping
  23. Detecting Double Pulsar
  24. Real-time detection
  25. Weaknesses
  26. Windows
  27. Microsoft
  28. Weaknesses and Limitations
  29. Recap
  30. Windows Platform Security
