Your CPU speaks assembly. Shouldn't you? Master x86-64 with the most common instructions and unlock reverse engineering, exploit dev & OS internals. But this is no skim class; it takes ~28h on average (not counting the final lab). Get started on Architecture 1001: x86-64 Assembly https://ost2.fyi/Arch1001 by @xenokovah today for mad skillz tomorrow!
OpenSecurityTraining2
- 391 Followers
- 5 Following
- 165 Posts
501(c)(3) Non-Profit providing Open Source and Open Access computer security training material. #OST2 re-launched July 2021!
If you're serious about reverse engineering, you need to master a powerful debugger. Dbg1103 walks you through Binary Ninja's debugger hands-on, so you can hit the ground running on real targets. https://ost2.fyi/Dbg1103 by Xusheng Li
Why would anyone learn about Windows kernel exploitation?! Take https://ost2.fyi/Exp4011 by @saidelike and learn about Windows kernel internals, vulnerability exploitation engineering, heap grooming, race condition, UAF, and what it takes to find your own exploitation primitives!
๐ฃNew OST2 class release!๐ฃ
The TPM trilogy is complete! "TC1103: Advanced TPM usage" by Dimi Tomov is now public at https://ost2.fyi/TC1103! Learn about advanced TPM policy access controls, protecting external keys in a TPM, implementing maximum security TPM-backed FDE, and more!
The TPM trilogy is complete! "TC1103: Advanced TPM usage" by Dimi Tomov is now public at https://ost2.fyi/TC1103! Learn about advanced TPM policy access controls, protecting external keys in a TPM, implementing maximum security TPM-backed FDE, and more!
Why spend time on fake vulnerabilities at a CTF when you could learn 38 *real* CVEs? Take "C-Family Software Implementation Vulnerabilities " https://ost2.fyi/Vulns1001 by @xenokovah and @glitchnsec today!
Why read about TPM 2.0 in a spec when you can drive it with Python? ๐ TC2202 teaches real-world TPM programming with tpm2-pytss, taught by its author, Bill Roberts. Hardware-backed crypto, hands-on labs, no fluff. https://ost2.fyi/TC2202
Move from basic fuzzing to a high-performance workflow. Fuzzing 1001 https://ost2.fyi/Fuzz1001 bridges the gap between theory and practical research. Master AFL++, PCGUARD, LTO, and ASAN using real CVEs from Xpdf and tcpdump.
Tired of guessing inputs? Let the computer do the work! Learn about symbolic execution from @barbie in "Reverse Engineering 3201" https://ost2.fyi/RE3201 and use SMT solvers to find the exact inputs to reach vulnerable code. Stop guessing, start solving!
We're happy to say that we're now over 34k students at OST2! ๐๐ฅณ๐
Xeno KovahWe're in discussion to form a partnership with the UEFI Forum. But as part of that we need to propose classes that can be taught on the topics they're involved with. Things like UEFI Measured Boot in particular would make a lot of sense now that we have robust TPM classes at OST2. But any topic is welcomed and encouraged! HMU at that email below if you're interested in getting funded to create a class and make it freely available to the world!
From: @OpenSecurityTraining2
https://infosec.exchange/@OpenSecurityTraining2/116182627920813041
From: @OpenSecurityTraining2
https://infosec.exchange/@OpenSecurityTraining2/116182627920813041
OpenSecurityTraining2 (@[email protected])
OST2 is putting out a request for proposals for an opportunity to be funded to create classes on UEFI and/or ACPI. If you are interested, please reach out to teach๐ost2.fyi with a proposed class syllabus. https://ost2.fyi/Training-RFPs.html