This course introduces you to the low level internals of the iOS and macOS kernels from the perspective of a security researcher interested in vulnerability analysis, kernel rootkit/malware analysis/detection or kernel exploit development.

Learn the fundamentals of reverse engineering from scratch with this incredible course taught by Tim Blazytko.

A comprehensive guide to using Ghidra, covering fundamental operations to advanced techniques, with hands-on exercises on real-world Windows applications.

Gain hands-on experience in a wide range of topics, including Windows and driver internals, various memory corruption types, exploit development techniques, mitigation bypass techniques, pool internals, and Feng-Shui and then test your skills in a CTF challenge!

Learn how to assess the robustness of black box cryptographic blocks in binaries via real-world examples.

This training guides through the field of Linux kernel exploitation. In a series of practical labs, the training explores the process of exploiting kernel bugs in a modern Linux distribution on the x86-64 architecture.

This training equips you with essential skills in Rust reverse engineering. You’ll learn to analyze Rust binaries, understand the language’s compilation and runtime intricacies, utilize tools and plugins, and tackle advanced challenges such as obfuscation and malware analysis.

In this course, students will gain the necessary hands-on experience, knowledge, and confidence to conduct automated program analysis at scale using machine learning.

This course teaches hardware reverse engineering fundamentals, focusing on low-level protocols like SPI, I2C, JTAG, and SWD in embedded systems. Students develop tools to interface with these protocols. All hardware is provided, and students keep the tools after completing the course.

It’s pretty fun to hack things wirelessly. And hey, it turns out there’s literally *billions* of Bluetooth Low Energy (BLE) things sold per year, so let’s learn how to hack those!

This training covers analyzing, fuzz testing, and exploiting devices with custom embedded OS. It dives into Arm Firmware, teaches reverse engineering with Ghidra, and offers hands-on exercises to build proficiency with tools like Unicorn, AFL++, and Fuzzware.

This course teaches patch diffing to analyze real-world Windows and Android vulnerabilities. Students use open-source tools like Ghidra to reverse engineer recent CVEs, gaining the skills and confidence to discover complex vulnerabilities with tools they already have.

This course covers a wide variety of topics - from automotive networks, diagnostic protocols, firmware extraction and wireless attack surfaces. The course is very hands-on, with many real ECUs to practice on.

It has been 15 years since FX famously quipped that by quality level, we are better off defending our networks with Microsoft Word than a Checkpoint firewall. Security products are still pretty terrible - but why? This keynote examines why this keeps happening and plots a path to a different world.

The Linux Kernel powers billions of devices across industries, making it critical infrastructure. But is it secure? Josh explores this by comparing its security investments to a typical SDLC, sharing a case study of an unresolved security issue, and offering recommendations to reduce risk.

In this workshop we will cover the basics of reverse engineering automotive firmware. An ECU firmware can consist of millions of lines of code which would take a long time to fully reverse engineer. Tips and tricks will be taught to quickly identify parts of the firmware that are of interest.

This workshop covers security aspects of compiler internals, enabling students via guided examples to modify code through a compiler. Students will analyze code through compilation stages and perform early code injection. We will conclude by demonstrating the security relevance of a build chain.

Right now you are enveloped in the warming glow of dozens to hundreds of Bluetooth devices. Aren’t you curious what all those little critters are?! In this workshop we’ll use the Blue2thprinting tools to poke at these apparitions and get a sense of what they are and what they want from us!

Fuzz testing is great for finding vulnerabilities, but embedded, bare-metal, and RTOS firmware pose unique challenges. This hands-on workshop explores firmware rehosting, a modern technique for analyzing and fuzz testing deeply embedded firmware.

Automate reverse engineering with Ghidra’s CLI tools in this hands-on workshop. Set up a productive environment using the Ghidra Python VSCode Devcontainer Skeleton, automate tasks, script analyses, and integrate Ghidra’s powerful decompilation and disassembly features into your CLI workflow

This workshop introduces modern binary (de)obfuscation. After a brief lecture on key concepts, we’ll walk through practical examples, using symbolic execution to extract and simplify obfuscated expressions. Finally, we’ll apply program synthesis to recover the semantics of obfuscated code.

Blackhoodie is a free, women only reverse engineering workshop and community. This FREE 1 day class introduces students to security relevant aspects of compiler internals, and with guided examples enables students to perform their own code modifications through a compiler.

Phishing has evolved to bypass MFA using reverse proxies, while traditional defenses like blocklists are aging and evaded. This talk introduces Cloned Site Canarytoken, which alerts you to phishing attempts before credentials are entered, with real-world attack insights and response strategies.

This talk examines EVSE security through an analysis of 8 EV chargers and findings from Pwn2Own Automotive 2024 and 2025. It covers typical charger design, common attack surfaces, and the process of researching an EV charger from scratch, including a successfully exploited vulnerability.