Assured Exploitation Training

This year, Alex Sotirov and I will be teaching our first “Assured Exploitation” training class at CanSecWest.  This training class is focused on various topics in advanced exploitation of memory corruption vulnerabilities.  This includes a thorough understanding of exploitation mitigations (where they are effective and where they aren’t), heap manipulation, return-oriented programming, and ensuring a clean continuation of process execution so that the application does not crash.

Over the course of the training, the hands-on exercises will be oriented around taking the students through the steps of fully understanding the “Aurora” Internet Explorer vulnerability and developing their own reliable and robust exploit for Internet Explorer 8 on Windows 7, just like the exploit demonstrated in this video demo of my exploit: