BruCON 0x10

In the dynamic realm of system security, the ability to diagnose and debug at the kernel level is invaluable. "Uncovering Hidden Threats: Intro to Kernel Debugging with WinDbg" is a workshop designed for IT professionals, system administrators, and security researchers who are eager to gain foundational skills in kernel debugging. This session will immerse participants in practical, hands-on scenarios using WinDbg for kernel debugging.

Throughout this workshop, attendees will engage directly with real-world debugging exercises, designed to provide a deep dive into the inner workings of the Windows kernel. Participants will be provided with preconfigured virtual machine (steps on how to set up debugging environment from scratch are provided on request), interpret common kernel-mode data structures, and detect common stealth and persistence techniques encountered in the Windows rootkits. The focus will be heavily on 'learning by doing,' ensuring that every attendee not only understands the theoretical underpinnings but also acquires direct experience in applying these techniques.

By the end of the workshop, participants will have the skills to uncover and mitigate hidden threats in their own systems, armed with a robust set of debugging competencies that can be applied immediately in their professional roles.