Sebagai penguji penetrasi, anggota “tim merah”, atau pengembang eksploit, Anda akan sering menghadapi sejumlah mitigasi eksploit yang ditujukan untuk menggagalkan serangan Anda. Dulu, sebagian besar mitigasi ini berfokus pada kerentanan mode pengguna; namun, Kernel sekarang terlindungi dengan baik. Ada mitigasi yang matang, seperti Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), dan Control Flow Guard (CFG), serta mitigasi baru terkait Windows Defender Exploit Guard. Kita akan melihat mitigasi yang paling efektif, dan menjelajah ke mitigasi Kernel seperti Virtualization Based Security (VBS) dan lainnya.
Stephen Sims mulai bekerja di bidang komputer pada usia muda dengan sesama penggemar komputer, yakni ayahnya sendiri. Kagum dengan betapa mudahnya mengubah perilaku aplikasi yang diinginkan, Stephen dengan cepat terpikat. Saat ini, ia adalah pakar industri dengan pengalaman lebih dari 15 tahun di bidang teknologi informasi dan keamanan. Ia menulis panduan pelatihan SANS yang paling canggih, yakni SEC760: Pengembangan Eksploit Tingkat Lanjut untuk Penguji Penetrasi. Ia adalah orang kesembilan di dunia yang mendapatkan sertifikasi Ahli Keamanan GIAC (GSE), dan menjadi penulis Bersama seri buku Gray Hat Hacking, serta pembicara utama yang muncul di RSA USA dan APJ, OWASP AppSec, acara BSides dan banyak lagi. Di samping itu, Stephen adalah Kepala Bidang Kurikulum untuk SANS Cyber Defense dan SANS Penetration Testing.
English
As a penetration tester, red teamer, or exploit developer, you will often be up against a varying number of exploit mitigations aimed at thwarting your attack. In the past, the majority of these mitigations focused on user mode vulnerabilities; however, the Kernel is now well-protected. There are mature mitigations, such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and Control Flow Guard (CFG), as well as newer mitigations associated with Windows Defender Exploit Guard. We will take a look at the most effective mitigations, and venture into Kernel mitigations such as Virtualization Based Security (VBS) and others.
Stephen Sims began working on computers at a young age with a fellow enthusiast: his father. Amazed by how easy it was to change an application's intended behavior, Stephen was quickly hooked. Today, he's an industry expert with over 15 years of experience in information technology and security. He's authored SANS most advanced course, SEC760: Advanced Exploit Development for Penetration Testers, was the 9th person in the world to earn the GIAC Security Expert certification (GSE), and co-author of the Gray Hat Hacking book series, as well as a keynote speaker who's appeared at RSA USA and APJ, OWASP AppSec, BSides events and more. On top of all this, Stephen is Curriculum Lead for both SANS Cyber Defense and SANS Penetration Testing.
*You can also register to view this webcast recording in English
View English Recording >