Abstract
Hypervisors are complex software that play a critical role in modern infrastructure, but like any software, they’re not immune to flaws which can be exploited by sophisticated attackers. This training dives into the technical depths of virtualization technologies and explores the flaws leading to virtual machine (VM) escapes. During this training, you will be able to sharpen your skills on multiple platforms from the initial analysis of a target to exploiting real world vulnerabilities.
The course explores the attack surfaces hypervisors expose to their guests, both statically and dynamically. By breaking down how virtual machines communicate with hypervisors and their internal components, participants will learn to apply their existing vulnerability research and exploitation skills to any virtualization software. The training also provides detailed insights for each studied target, including their architectures, typical vulnerabilities, and guidance for effective bug hunting.
This course is ideal for security researchers and vulnerability analysts who are already familiar with low-level systems programming and common exploitation techniques but are new to hypervisor internals. By the end of the training, participants will have a solid foundation in virtualization attack surfaces and vulnerability research as well as the ability to craft proof-of-concept exploits targeting hypervisors.
The course is designed to be given in 4 days of 7 hours.
Full syllabus: click here
Next sessions
Next open sessions :
- REcon Montréal: 23-26 June 2025
Please contact us to organize a private session.