Explore the evolving landscape of kernel-based attacks in this conference talk from 44CON 2023. Delve into the implementation of kernel-based attacks for adversary simulation, covering topics such as certificate acquisition, vulnerability discovery in third-party drivers, and rootkit driver functionality. Examine defense mechanisms against these attacks, their effectiveness, and potential future attack vectors in the kernel. Gain insights from live demonstrations of tools designed for vulnerability discovery and rootkit development, presented by a senior staff red team engineer with expertise in pushing the boundaries of adversary simulation and exploitation techniques.
Lessons Learned from a Red Teamer's Journey into the Kernel
44CON Information Security Conference via YouTube
Overview
Syllabus
Khang Nguyen - Lessons Learned from a Red Teamer's Journey into the Kernel
Taught by
44CON Information Security Conference