Hardening Hyper-V through Offensive Security Research

Black Hat via YouTube

Overview

Explore offensive security research techniques for hardening Microsoft's Hyper-V virtualization stack in this 51-minute Black Hat conference talk. Dive into the importance of virtualization technology in modern computing security strategies and understand why Hyper-V is held to such high security standards, as evidenced by its $250,000 public bug bounty program. Learn about the structure of Hyper-V, including its VMSwitch component, and examine specific vulnerabilities such as write-out-of-bounds issues and kernel thread stack exploits. Discover methods for bypassing Kernel Stack Layout Randomization (KSLR) and how information leaks can be leveraged. Gain insights into effective mitigation strategies, with a focus on two key approaches presented by security researcher Jordan Rabet. Enhance your understanding of virtualization security and offensive research methodologies to better protect critical infrastructure.

Syllabus

Introduction
What is Hyper-V
VMSwitch
Vulnerability
Write out of bounds
Kernel thread stacks
Bypassing KSLR
Info Leak
What to do
First mitigation
Second mitigation

Taught by

Black Hat
