Скачать или смотреть DEF CON 33 - Infecting the Boot to Own the Kernel: Bootkits and Rootkits Development

DEF CON 33 - Infecting the Boot to Own the Kernel: Bootkits and Rootkits Development

UEFI BootkitsKernel-Mode RootkitsUEFI ApplicationsDXE Runtime DriversKernel-Mode DriversKernel Module ProgrammingUEFIKernelBootkitsRootkitsMalware DevelopmentMalware ResearchLow-Level SecurityFirmware Reverse Engineering

Скачать DEF CON 33 - Infecting the Boot to Own the Kernel: Bootkits and Rootkits Development бесплатно в качестве 4к (2к / 1080p)

У нас вы можете скачать бесплатно DEF CON 33 - Infecting the Boot to Own the Kernel: Bootkits and Rootkits Development или посмотреть видео с ютуба в максимальном доступном качестве.

Для скачивания выберите вариант из формы ниже:

Информация по загрузке:

Cкачать музыку DEF CON 33 - Infecting the Boot to Own the Kernel: Bootkits and Rootkits Development бесплатно в формате MP3:

Если иконки загрузки не отобразились, ПОЖАЛУЙСТА, НАЖМИТЕ ЗДЕСЬ или обновите страницу
Если у вас возникли трудности с загрузкой, пожалуйста, свяжитесь с нами по контактам, указанным в нижней части страницы.
Спасибо за использование сервиса video2dn.com

Описание к видео DEF CON 33 - Infecting the Boot to Own the Kernel: Bootkits and Rootkits Development

While the official DEF CON upload is not yet available on the conference channel, we're publishing this streamed recording so the community can access the talk in the meantime.

💬 About the talk

Bootkits and Rootkits are among the most advanced and stealthy forms of malware: they can compromise a machine before the OS even starts and remain deeply persistent once the kernel is running. In this talk we pull back the curtain to show how these implants are designed, built and executed across the boot stages and inside kernel space.

We walk through the internals of a production-grade UEFI bootkit and its companion Windows kernel-mode rootkit. You'll understand the modular architecture, how firmware-level networking is established early, how payloads are delivered and activated dynamically, and how runtime and kernel services are intercepted to hide artifacts, manage networking, capture input, and maintain command-and-control, all demonstrated with real code and working examples.

We publish the full research, tooling and malware as open-source, APT-grade material, so red teams and adversary-emulation programs can faithfully reproduce nation-scale operations.

📌 What's covered

UEFI boot process (phases, services and programmable elements)
Modular design of an UEFI Bootkit and early (pre-OS) networking
Pre-boot persistence and dynamic payload delivery
Hooking UEFI runtime services and controlling pre-boot execution flow
Seamless transition from pre-boot to kernel
Kernel-mode rootkit development (hiding processes, files and network activity)
Capturing keyboard input from ring-0 and kernel I/O techniques
Kernel networking and C2 without userland components
Bypassing protections and evasion strategies
Practical demo and architecture walkthrough of the full Bootkit + Rootkit framework

🔧 Materials & code

As with our previous talks, we provide slides, tooling and the reference code used during the presentation for research, detection and defensive testing. Please find the resources below:

https://github.com/TheMalwareGuardian

Windows UEFI Bootkit:
👉 /Abyss

Windows Kernel Rootkit:
👉 /Benthic

Resources:
👉 /Awesome-Bootkits-Rootkits-Development

Environment:
👉 /Bootkits-Rootkits-Development-Environment

PKfail:
👉 /PKfail

UEFI:
👉 /UEFI-Firmware-Analysis

Комментарии

Информация по комментариям в разработке