Overview
This course aims to equip security researchers interested in x86 platform misuse with fundamental architectural knowledge and resources to conduct their research more efficiently. The course covers topics such as CPU ring privileges, basic research hypervisors, and emerging technologies. The teaching method includes lectures on various architectural events and technologies. The course is intended for security researchers looking to streamline their research process and focus more on their research questions rather than setup complexities.
Syllabus
Introduction
Why this talk
Agenda
Protected Mode
Paging
Cache
Virtualization
Boot Process
Memory Management
General Protection Fault
Performance Counters
Branch Tracing
VMExit
EPT
SMM
SMI
Questions
Case Study
Monitoring OS
Troubleshooting
Bare flank
First open source
Subclasses
LibPMI
Simplevisor
Skeleton Kernel
UEFI
Puff
Wrap Up
Taught by
44CON Information Security Conference