2011 Talks

Fun And Profit With Hypervisors

Hypervisors are not just for virtual machines! In this presentation, we will be exploring some of the fun things we can do with hardware-assisted virtualization technologies such as VT-x from Intel and AMD-V from AMD. Things that do not involve running full-blown virtual machine instances, but are so much more fun nonetheless. Things such as:

  • Hiding code from the system, including the kernel.
  • Hooking and modifying system behaviour with impunity.
  • Prying open rootkits and other types of code that just don't like giving their secrets away.

Maybe if time permits, we can even look at how to launch a hypervisor over the Interwebs :-)

Speaker: Nishad Herath

Based in Brisbane, Australia, Nishad Herath has been intimately involved with reverse engineering and information systems security for the better part of the last two decades. His extensive reverse engineering experience extends to hardware, software, firmware and, as of late, wetware. During his professional career as an in-house researcher, an independent consultant, a business and technical strategist as well as an entrepreneur, he has worked with organizations ranging from startups to multi-billion-dollar public corporations. His clients include top security vendors, ISVs, private sector enterprise, media and entertainment companies, not to mention government, law enforcement and intelligence agencies. Nishad spends his free time reverse engineering traditional martial arts, meditation techniques and healing practices.
