Overview
Explore the construction and execution of advanced UEFI bootkits and kernel-mode rootkits in this 39-minute conference talk from DEF CON 33. Dive deep into the internals of fully functional malware that achieves complete system control before and after OS loading, examining modular design principles, runtime interactions, and mechanisms for hooking critical Windows boot chain components. Learn how these sophisticated implants operate across pre-boot and post-boot phases, including establishing early internet connectivity from firmware, implementing dynamic payload delivery systems, and performing runtime service hooking for deep kernel control. Discover advanced capabilities such as hiding files, processes, and network activity, blocking traffic, capturing keystrokes, and maintaining command and control directly from kernel space. Gain hands-on access to a complete bootkit and rootkit framework that is fully customizable for threat simulation, defense testing, or developing even more sophisticated stealth techniques, providing practical insights into some of the most complex and stealthy forms of malware used for achieving full system compromise.
Syllabus
DEF CON 33 - Infecting the Boot to Own the Kernel - Alejandro Vazquez, Maria San Jose
Taught by
DEFCONConference