PHDays video

POSITIVE HACK DAYS



ORGANIZER

Program

Very Mighty eXtension for debugging

Want to visit   +40

Author: Artem Shishkin

This talk will show how to develop a hypervisor-based debugging facility: how to apply existing hardware features for debugging, how to maintain integrity of a debuggee, how to make this stuff interactive and how to adopt Intel specific peculiarities. The speaker will also cover OS integration and will tell how to build a hypervisor debugger into firmware. Real-world cases of using a hypervisor-based debugger will prove that Virtual Machine Extensions are indeed a Very Mighty eXtension for debugging.

  • Language
  • Russian

Artem Shishkin is a virtualization specialist and reverse engineer. An author of research papers including "Intel SMEP overview and partial bypass on Windows 8", "Stars aligner's how-to: kernel pool spraying and VMware CVE-2013-1406", and "Microsoft Windows 8.1 kernel patch protection analysis". Engaged in low-level programming and developing reverse engineering tools. Previously spoke at Positive Hack Days and ZeroNights.

Artem Shishkin Artem Shishkin

Back to the list