Trainings

This hands-on class will teach you how to develop your own tools to fuzz real targets. You will write a basic fuzzer that generates and mutates inputs based on a selected grammar to attack a parser. You will also gain deep knowledge about how important coverage is to reach as much code as possible to find bugs. You will apply the learnt skills to improve the fuzzer by measuring and improving coverage.

Book your seat or request more info at training@cyberintel.es

Trusted Execution Environment (TEE) is widely used by many smartphone vendors to provide a high level of security to their users. Although there are debuggers and fuzzers for many operating systems, such as Windows or Linux, unfortunately, most of the applications and operating systems running in the TEE are proprietary and closed-source.

In this hands-on class you will learn to write advanced fuzzers, applying coverage approaches by employing symbolic execution. Additionally, you will write harnesses using popular fuzzing frameworks to obtain a different perspective.
You will also understand how to analyse the results of a fuzzing session, reproducing, triaging and minimising the obtained crashes. You will also be able to use the knowledge obtained throughout this training to start advanced fuzzing campaigns against architecturally complex targets such as TrustZone applications.

Book your seat or request more info at training@cyberintel.es

This course will teach you how to apply voltage glitching techniques and how to impact devices without the need of a software vulnerability. You will also learn how to handle electronic devices such as oscilloscopes and multimeters to check and ascertain the different parameters needed for the attacks. On top of this, you will also have the chance to interact with embedded devices and microcontrollers, and you will be able to modify their flow of execution. With the obtained knowledge, you will know how to successfully perform hardware attacks on simple devices.

Book your seat or request more info at training@cyberintel.es

In this hands-on class you will learn in detail all the steps, from characterisation to glitching, to effectively bypass the secure boot on smartphones. The attack named Vlind Glitch is the one we presented at Black Hat Europe 2022.

All hardware and software materials are provided. Participants will have a discount to acquire the full hardware kit to enable them to reproduce the attack.

Book your seat or request more info at training@cyberintel.es