Ringzer0 BOOTSTRAP24 Austin

Marion Marschalek

Marion Marschalek is a Senior Security Engineer at AWS, where she advises efforts to build threat detection solutions based on machine learning and AI. Previously, she held an offensive security research position at Intel and different roles in the threat detection industry, as a malware reverse engineer and incident responder. Marschalek is the founder of BlackHoodie, a hacker bootcamp for women, which is established as a global initiative to attract more diverse talent to the security industry.


What is your Twitter/X Handle?

@pinkflawd

What is your Mastodon ID?

@pinkflawd@mastodon.social


Sessions

02-23
09:00
480min
BlackHoodie Training: Introduction to Software Reverse Engineering
Marion Marschalek

Ever wanted to know what a binary looks like from the inside? Wonder no more, binary insides are all you will see in this class. We’ll go from 0 to “yo, there’s a bug in your application” in just one day. This training is very busy, from file formats, loaders and process execution, disassemblers and debuggers, to bug hunting of the special kind. But don’t worry, we’ll arm you with all the necessary skills! The target will be x86-64 Linux ELF executables.

BlackHoodie 📍Room 1.124
02-23
18:30
45min
Compiler Backdooring For Beginners
Marion Marschalek

Ever wondered how compiler mitigations are built? Or how a sophisticated build chain attack can target a compiler to place backdoors and other miscreants? Wonder no more, this hands-on workshop shows you how to build your own compiler pass, which can modify any source code you build to your liking. We'll learn how source code makes its way through the different stages of a compiler into its final binary form, how compilers perform modifications and optimizations of the code, and how they translate their view of the code to a given architecture's binary representation. Students will get a glimpse of how some mitigations everybody knows and loves are actually implemented in a compiler. They'll work hands-on with LLVM Clang, following along with the theoretical chapters of the workshop, and eventually they'll implement a Clang plugin themselves to sneak a backdoor into otherwise perfectly secure code.
Prerequisites: Linux computer or virtual machine or cloud instance

Bootloader 📍Under The Oaks