Exploit development is dead, long live exploit development!
It's no secret that the days of jmp esp are long gone. In the age of virtualization-based security and hypervisor-protected code integrity, code execution due to a memory corruption vulnerability is no longer as trivial as it once was. However, a few times a year, there's always that vulnerability that makes headlines, can be exploited remotely, and allows code execution in ring 0. What's going on? This talk will cover the history of binary exploitation, the tools operating systems have to defend against these vulnerabilities, how adversaries are constantly developing new and creative solutions to bypass these defenses, and the future of exploit development in both user mode and kernel mode.
Connor McGarr
(Red Team Consultant at CrowdStrike)
Connor is a Red Team Consultant for CrowdStrike. If you can lure him away from WinDbg and IDA, you can find him blogging and spending time with his family and dog. Connor is passionate about anything related to Windows internals, vulnerability research, C, or offensive craft.