Negar Shabab
Negar is a security researcher from Microsoft.

She has worked in different offensive and defensive roles in cyber security over the past 8 years, from malware analysis and security software development to application security consulting and penetration testing.

Negar is an active member of the Australian Women in Security Network (AWSN) which aims to support and inspire women in the Australian security industry. She is also a regular speaker at security conferences and delivers technical workshops.

Tutorial: Analysing and reverse engineering the most common exploits in the wild

Technical Level (3 being the highest score): 2

In the world of cyber attacks, exploiting a vulnerability on a system is one of the most common ways to gain a foothold on a victim’s machine or to elevate the level of access to the resources of a machine which an attacker has already compromised.

However, understanding how a piece of exploit code takes advantage of a vulnerability is not always straightforward, even for experienced security experts.

In this workshop we will learn how the most commonly exploited vulnerabilities are being used in real attacks. We will focus on cases of exploits from the most sophisticated threat actors, dissecting and analysing them one by one to understand their logic.

In order to get a better understanding of how exploits work in general, we chose CVEs targeting different software and platforms, such as Microsoft Windows, Microsoft Office, Adobe and so on.

Target audience:
-Security analysts
-Malware analysts
-Red teamers
-Blue teamers
-Security enthusiasts in general

Prerequisites:
-Basic understanding of Microsoft Windows and Microsoft Office internals.
-Familiarity with vulnerability and exploit concepts.
-Intermediate skills in one or more scripting languages.

Learning outcomes:
-Learning about various malware analysis tools and how to use them.
-Thorough understanding of common exploit techniques and how they are used in the wild.
-Ability to analyse and understand the vulnerabilities and how the exploits work generally.
