Lessons Learned from a Red Teamer's Journey into the Kernel

Explore the evolving landscape of kernel-based attacks in this conference talk from 44CON 2023. Delve into the implementation of kernel-based attacks for adversary simulation, covering topics such as certificate acquisition, vulnerability discovery in third-party drivers, and rootkit driver functionality. Examine defense mechanisms against these attacks, their effectiveness, and potential future attack vectors in the kernel. Gain insights from live demonstrations of tools designed for vulnerability discovery and rootkit development, presented by a senior staff red team engineer with expertise in pushing the boundaries of adversary simulation and exploitation techniques.