applied security conferences and training: CanSecWest | PacSec |

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

CanSecWest: Security Masters Dojo Vancouver

Finding Firmware Implants: an Incident Response and Forensics Guide

Register for March 16-17, 2020 (2-day Course)

Jesse Michael, Rick Altherr


Firmware implants have been gaining momentum as an attack vector especially for Advanced Persistent Threats. How do you detect them? What are they capable of? How can you capture them for further study and remove them from a device?

This is a two day course diving into the tools and techniques used to extract system firmware from a system, unpack the contents, and analyze them for signs of tampering. Hardware Root of Trust systems such as Intel Boot Guard will be explained along with techniques used to subvert them.

Hands-on labs will provide each attendee with an opportunity to practice on an infected system including:

~ ~ ~