Author: Aseem Jakhar
The ARM exploitation workshop takes a deep dive into the security concepts of ARM Linux starting right from the ARM assembly, shellcoding, buffer overflows, reverse engineering to сode injection. The workshop has a lot of hands-on to get the participants comfortable with ARM assembly and understand the issues involved in exploitation of ARM-based Linux systems.
To make the workshop more interesting, it uses Android as the platform for learning ARM exploitation and hence it covers Android OS specific dev/security concepts as well and takes the participants through the basics of Android to be used as an ARM Linux platform. All concepts taught in the workshop are Android independent though and will be the same for any ARM embedded Linux device except for the lab dev environment. This workshop provides a base for the participants to develop security research expertise on the ARM/Android platform.
Aseem Jakhar is the director, research at Payatu Technologies Pvt Ltd, a boutique security testing company, and the founder of the Nullcon security conference. He has extensive experience in system programming, security research, consulting and managing security software development projects. He has designed/developed and worked on various security software including UTM appliances, messaging/security appliances, anti-spam engine, anti-virus software, multicast packet reflector, Transparent HTTPS proxy with captive portal, bayesian spam filter to name a few. He is an active speaker at security and open source conferences; some of the conferences he has spoken at include AusCERT, Black Hat, ClubHack, Defcon, GNUnify, Hack.lu, OSI Days, XCon.