What learning paths is this class used in?
Debugging, Reverse Engineering, Malware Analysis, Exploits
This is it! This is the class that *actually* teaches you how to configure an advanced Windows kernel debugging environment. This class gives you all the steps to quickly and automatically build 2 VMs: a debugger VM and a target VM. You'll obtain an automated way to build an executable on a debugger VM and then automatically push that executable to a target VM so you can run it. The debugger VM is able to debug the kernel of the target VM using WinDbg as well as decompiled source code level debugging with IDA/Ghidra and ret-sync.
After this class, you'll have a very efficient way of debugging the Windows kernel.You must have taken OST2 Architecture 1001, or have equivalent knowledge of assembly.
You must have taken OST2 Debuggers 1011: Introductory WinDbg and Debuggers 2011: Intermediate WinDbg, or have equivalent knowledge of WinDbg.
Debugging, Reverse Engineering, Malware Analysis, Exploits
That is the question...
Cedric (@saidelike and @saidelike) specialises in vulnerability research and exploit development, and while at NCC Group working in the Exploit Development Group (EDG) has published some public research related to Cisco ASA, Windows kernel, NAS devices, printers, etc.