Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore the capabilities, security model, and implementation details of eBPF for Windows in this comprehensive Black Hat conference talk. Delve into the eBPF API, trusted static verifier, JIT engine, and kernel implementation of trace hooks and telemetry providers. Uncover vulnerabilities across multiple layers through demonstrations of fuzzing Windows eBPF components and real-time bug discovery. Examine the challenges of exploiting memory corruption in the eBPF implementation on Windows, particularly within the context of Windows Protected Processes. Gain valuable insights into the design and attack surface of this powerful technology, presented by Richard Johnson over the course of 40 minutes.
