We are pleased to announce that the researchers of Exodus Intelligence will be providing publicly available training in person on November 14, 2023 in London, England.
This 4-day course is designed to provide students with both an overview of the current state of the browser attack surface and an in-depth understanding of advanced vulnerability and exploitation topics. Attendees will be immersed in hands-on exercises that impart valuable skills including static and dynamic reverse engineering, zero-day vulnerability discovery, and advanced exploitation of widely deployed browsers such as Google Chrome and Apple Safari.
Taught by senior members of the Exodus Intelligence Browser Research Team, this course provides students with direct access to our renowned professionals in a setting conducive to individual interactions.
Emphasis
Hands-on with privilege escalation techniques within the JavaScript implementations, JIT optimizers and rendering components.
Prerequisites
- Computer with the ability to run a VirtualBox image (x64, recommended 1GB+ memory)
- Some familiarity with: IDA Pro, Python, C/C++.
- Installed and usable copy of IDA Pro 6.1+, VirtualBox, Python 2.7+.
Course Information
Attendance will be limited to 18 students per course.
Cost: $5000 USD per attendee
Dates: November 14-17, 2023
Location: the London, UK area
Syllabus
- JavaScript Crash Course
- Browsers Overview
- Architecture
- Renderer
- Sandbox
- Deep Dive into JavaScript Engines and JIT Compilation
- Detailed understanding of JavaScript engines and JIT compilation
- Differences between major JavaScript engines (V8, SpiderMonkey, JavaScriptCore)
- Introduction to Browser Exploitation
- Technical aspects and techniques of browser exploitation
- Focus on JavaScript engine and JIT vulnerabilities
- Chrome ArrayShift case study
- Safari NaN Speculation case study
- JIT Compilers in depth
- Chrome/V8 Turbofan
- Firefox/SpiderMonkey Ion
- Safari/JavaScriptCore DFG/FTL
- Chrome ArrayShift case study exploitation
- Types of Arrays
- Chrome ArrayShift case study exploitation continued
- Running shellcode
- Common avenues
- Mitigations
- Browser Fuzzing and Bug Hunting
- Introduction to fuzzing
- Pros and cons of fuzzing
- Fuzzing techniques for browsers
- “Smarter” fuzzing
- Current landscape
- Hands-on exercises throughout the course
- Understanding the environment and getting up to speed
- Analysis and exploitation of a vulnerability
Source: https://blog.exodusintel.com/2023/08/04/public-browser-exploitation-training-fall-2023/