The YouTube playlist for #OpenSecurityTraining2 “Exploitation 4011: Windows Kernel Exploitation: Race Condition + UAF in KTM” class by Cedric Halbronn is now public for those who like to download videos: https://lnkd.in/eMefSmDc But the best way to learn the material is with the full class at https://ost2.fyi/Exp4011. This class assumes you've already taken "x86-64 OS Internals" https://ost2.fyi/Arch2001, "Windows Kernel Internals 2" https://ost2.fyi/Arch2821, and "Advanced WinDbg" https://ost2.fyi/Dbg3011 This is an advanced level class that teaches you how to exploit a race condition vulnerability leading to a use-after-free in the Kernel Transaction Manager (KTM) component of the Windows kernel. This class is meant to show the approach an exploit developer should take in attacking a previously unknown component in the Windows kernel.
OpenSecurityTraining2’s Post
More Relevant Posts
-
Creating bash aliases in the CKAD exam is no longer advised! The CKAD exam has been updated by the Linux Foundation so that each question needs to be solved on a designated host. Instead of a kubectl context command now a ssh command will be provided before every question. The only effect this should have is that creating bash aliases, like for longer kubectl commands, will no longer work because they would be lost once ssh'ing into a different machine. We're working right now to adopt these changes into the CKAD simulator. We already removed all bash alias suggestions from our tips and solutions. Image from on https://lnkd.in/gYx4vJNu #ckad #k8s #kubernetes
-
-
Good morning team, I was hoping to get some last-minute advice. So when I'm in a Linux environment and have fully upgraded my shell, I'm having issues running text editors from my reverse shell (vi, nano) when attempting to modify values. Usually if I'm appending something echo works fine enough. anyways I keep having to kill my shell and get back in. Any tips?? #pen200 #OSCP #PWK #penetrationtesting
-
Founder & CTO @ Shevirah and Bulb Security, Fractional CISO & Security Advisor, Author: Penetration Testing: A Hands-On Introduction to Hacking, Adjunct Faculty @ UMGC, Southern Connecticut State & Purdue Global
Module 2 of my exploit development course, covering saved return pointer overwrites in Windows, is out on Patreon. There are 15 modules in total, covering everything from the very basics of how a buffer overflow works to more complex topics such as bypassing DEP, writing your own shellcode, unicode exploits, and more. https://lnkd.in/eipbKQ2G
Exploit Development Class Material Module 2: Saved Return Pointer Overwrites in Windows | Georgia Weidman
patreon.com
-
New remaster of Linux Lite 3.8 i386: 267.32MB RAM after boot. Linux Kernel 4.4-116, not updated. Updated linux-firmware 1.157.23 (partial update), FPC 3.2.2 Compiler over Lazarus 1.8.0, Mozilla Firefox 122.0, Midnight Commander 4.8.15, E2FS 1.42.13, BTRFS 4.4, NTFS-3G 2015.3.14, ca-certificates, curl 7.47.0, bzip2 1.0.6, p7zip 9.20.1, rzip 2.1, tar 1.28, unzip 6.0, DosBox 0.74.4 and some few changes. This is a personal remaster, not released to the public. You can download a .Iso image of Linux Lite 3.8 and make your own. The best Linux Live-OS for lightweight computers. ;-) https://lnkd.in/ev3MrE_9
-
-
TryHackMe - CTF Participant - CompTIA S+ Certified - Stalking Awareness Professional - SCAM Awareness Professional - CyberSecurity Professional - Personal and Professional Development (CyberSecurity)
I have just completed another short course Windows File System Basics via cybrary Certificate ID: CC-ba4db677-6cd3-4a74-a5df-4a36f689f630
-
-
Linux Command Cheat Sheet
LINUX Commands
xmind.app
-
Aspiring Cybersecurity Student | Proficient in Linux | Ready to Apply Knowledge in Real-World Scenarios | Actively Seeking Internship Opportunities | Student at SRMIST, Kattankulathur, Chennai ,Tamil Nadu
#cybersecjourneydaily #100DaysOfLinux DAY 7/41 During my seventh day of the #100DaysOfLinux challenge, I delved into some fundamental commands. I explored the power of 'sudo' for executing tasks with elevated privileges and gaining deeper system access. The 'top' command became my go-to for real-time monitoring of system processes, helping me understand resource allocation. I learned how to wield the 'kill' command to halt stubborn processes, ensuring smoother system performance. Additionally, I experimented with the 'echo' command, mastering its capability to display text or variables, making interactions with the terminal more dynamic. These commands provided a solid foundation for my Linux journey, empowering me to navigate and manipulate the system efficiently.
-
Logistics Operations Account Manager | Streamlining Supply Chains | Driving Efficiency & Cost Savings | Expert in Warehouse & Distribution Management
I just completed the Linux File System Basics on Cybrary. I gained a solid understanding of the following: -Defining File System: Understand the methodology and data structures that an OS uses to manage files, ensuring data consistency and efficient access. - Structure of the Linux File System: Delved into the hierarchical structure starting from the root (/) and learn the significance of each level in this tree-like structure. - Key Directories: Explore important directories such as /bin, /etc, /home, /var, /usr, and /tmp, understanding their roles in the Linux ecosystem. - Navigating the Linux File System: Equip yourself with hands-on skills to traverse the Linux file system, including using commands like cd, ls, and pwd, understanding absolute and relative paths, and efficiently finding files and directories using commands like find and locate. Mastering Linux file system navigation is essential for system administration, troubleshooting, and efficient data management on Linux-based systems. #Linux #Filesystem #LearningJourney #TechSkills
Get Certificate - Cybrary Cybrary
app.cybrary.it
