Trusted Execution Environments (TEEs) are challenging to secure due to complex hardware and large trusted code bases. Vulnerabilities have been exploited via the less-secure Rich Execution Environment (REE). TEEPwn features a CTF experience to explore TEE vulnerabilities and exploits.

This training guides through the field of Linux kernel exploitation. In a series of practical labs, the training explores the process of exploiting kernel bugs in a modern Linux distribution on the x86-64 architecture.

A comprehensive guide to using Ghidra, covering fundamental operations to advanced techniques, with hands-on exercises on real-world Windows applications.

This course introduces you to the low level internals of the iOS and macOS kernels from the perspective of a security researcher interested in vulnerability analysis, kernel rootkit/malware analysis/detection or kernel exploit development.

In this course, students will gain the necessary hands-on experience, knowledge, and confidence to conduct automated program analysis at scale using machine learning.

An ideal introduction to vulnerability exploitation on 64-bit ARM Linux platform, spanning from ARM64 assembly all the way to ARM64 Return Oriented Programming (ROP). An ideal step up from the 32-bit ARM Exploit Laboratory.

Gain hands-on experience in a wide range of topics, including Windows and driver internals, various memory corruption types, exploit development techniques, mitigation bypass techniques, pool internals, and Feng-Shui and then test your skills in a CTF challenge!

This training equips you with essential skills in Rust reverse engineering. You’ll learn to analyze Rust binaries, understand the language’s compilation and runtime intricacies, utilize tools and plugins, and tackle advanced challenges such as obfuscation and malware analysis.

Learn the fundamentals of reverse engineering from scratch with this incredible course taught by Tim Blazytko.

Master low-level firmware security in this hands-on course focused on BIOS/UEFI manipulation, bypassing Secure Boot and Intel® BootGuard, and creating BIOS implants and Bootkits. Learn Intel hardware debugging, exploit development, and enhance your offensive and defensive firmware security skills.

This course covers a wide variety of topics - from automotive networks, diagnostic protocols, firmware extraction and wireless attack surfaces. The course is very hands-on, with many real ECUs to practice on.

Learn how to identify and counter threats in 5G networks. Dive into 5G core security, protocols, assess vulnerabilities and develop exploits. The training features hands-on exercises simulating real-world attacks and defenses on a local, isolated 5G network.

This course teaches hardware reverse engineering fundamentals, focusing on low-level protocols like SPI, I2C, JTAG, and SWD in embedded systems. Students develop tools to interface with these protocols. All hardware is provided, and students keep the tools after completing the course.

The "Low Tech Fuzzing" class is designed to teach students efficient fuzzing techniques to quickly find and validate bugs in software.

It's pretty fun to hack things wirelessly. And hey, it turns out there's literally *billions* of Bluetooth Low Energy (BLE) things sold per year, so let's learn how to hack those!

Learn how to assess the robustness of black box cryptographic blocks in binaries via real-world examples.

This course teaches patch diffing to analyze real-world Windows and Android vulnerabilities. Students use open-source tools like Ghidra to reverse engineer recent CVEs, gaining the skills and confidence to discover complex vulnerabilities with tools they already have.

This training covers analyzing, fuzz testing, and exploiting devices with custom embedded OS. It dives into Arm Firmware, teaches reverse engineering with Ghidra, and offers hands-on exercises to build proficiency with tools like Unicorn, AFL++, and Fuzzware.

Fault Injection attacks are increasingly used to break into devices, especially when software vulnerabilities are unknown. Students will use NewAE’s ChipWhisperer-Lite or Husky, along with hardware tools (debugger, oscilloscope), to create Fault Injection exploits on the Espressif ESP32 SoC.

This course details techniques modern malware uses to evade defenders and security tools like AV, IPS, IDS, and EDR. It also covers how attackers design implants for quick redeployment after detection or public disclosure by researchers or security vendors.

Dark Wolf's "Hack Our Drone" equips participants with everything they need to know about hacking Unmanned Autonomous Systems