A Year in Review of 0-days Exploited in-the-wild in 2022
In 2022, 38 0-day vulnerabilities were detected as exploited in-the-wild. This talk covers what we can learn from the 0-days detected in-the-wild in 2022: the trends, the lessons learned, the novel bugs & methods. What’s stayed the same and what’s changed? What attack surfaces and bug types do we expect to continue in 2023? What may be promising targets for further research? And what was 2022's coolest bug? In this talk, I’ll deep dive into many of the most notable vulnerabilities and walk through the most interesting exploits from the year.
Much of security research is trying to emulate or guess what attackers who use 0-days are actually doing. In this talk, we’ll dive into what attackers actually are doing with 0-day exploits across most of the major consumer platforms: Chrome, Safari, Windows, iOS, macOS, Android, and more!
ConPresentations/Zer0Con2023.YearInReview.pdf at master · maddiestone/ConPresentations
Slide decks from my conference presentations.
Mobile Exploitation - The past, present, and the future
For decades, there was a battle between attackers and defenders in the mobile exploitation domain. Some early battles were an easy-win, while others would pose a great challenge to the attackers. This talk is about the meta-game between attackers and defenders, how it used to be in the past, how it's changing, and what to expect in the future. The talk will focus mainly on 1-click based browser chains, with some short comments on other domains as well.
Chasing Bugs With/In Hypervisors
Hypervisors are an indispensable component of contemporary software systems. While the primary purpose of hypervisors is to virtualize the system resources, there are various other applications for hypervisors besides their conventional use, and our focus lies in employing them for security and reverse engineering purposes; thus, this presentation is divided into two parts. The first part is about how hypervisors and solutions derived from hypervisors can help us in finding bugs in kernel-mode and user-mode routines as well as discussing the possibilities of using hypervisor debuggers in reverse engineering. The second part is about finding different types of bugs within the hypervisors (type 1 and type 2).
The study involves using various bug-finding techniques, including static analysis, dynamic analysis, and finding attack vectors, to identify vulnerabilities in both types of hypervisors. The presentation also highlights the importance of bug finding in hypervisors and the potential consequences of leaving vulnerabilities unaddressed. The findings can inform developers and security professionals in their efforts to improve the security of hypervisors and mitigate the risks associated with virtualization.
slides/2023/Zer0Con2023/Chasing Bugs With-In Hypervisors.pdf at main · HyperDbg/slides
Slides about HyperDbg.
CodeQL + DTrace = flood bugs in XNU
How to find multiple memory disclosures in XNU using CodeQL
slides/2023/zer0con/slides.pdf at main · 0x3c3e/slides
CodeQL + DTrace = Memory Disclosure Vulnerabilities in XNU - 0x3c3e/slides
slides/2023/zer0con at main · 0x3c3e/slides
P.S. This is part of the materials that have been made publicly available. If you come across more materials from Zer0Con 2023, post them here as well, following the same template.