32-hour specialized training focused on low-level aspects of hypervisor security. Attendees will get a holistic view of hypervisor and virtualization security from a professional attacker's perspective, and learn the foundational skills required to discover and analyze hypervisor vulnerabilities. Main objective of this course is to establish a solid base of capability for attacking and defending core hypervisor code systematically. This objective stands on three content pillars: generalized hypervisor system internals, state of the art attack surface models, and understanding the security vulnerabilities that affect hypervisors. All the general frameworks are abundantly exemplified with concrete case studies based on the code of popular hypervisors and impactful real-life hypervisor exploits. Materials of this course represent the author's original system of knowledge, and were obtained by a process of first-hand technical research: reverse engineering undocumented system internals, analyzing security patches, and generalizing concrete case studies into universal abstract models which enable knowledge transfer. This course is suitable for beginners in application security and software engineers. All the prerequisite theory is given as part of the course.
For more information about the course and administrative aspects, refer to the course syllabus (PDF)
Beginners to Intermediate
Public live training: not scheduled Self-paced packages: available Private onsite training: limited availability
Vulnerability Research, System Internals, Virtualization
Next level training: Advanced Hypervisor Exploitation Single-topic masterclass series: Hypervisor Security Nightly Vulnerability Research: universal skills Entry level vulnerability research course: Zero Day Vulnerability Research training