14 DAY TRIAL // Anyone interested in or responsible for vulnerability and/or malware analysis on Mac OS X is invited to attend the “Macsploitation Class” by Vincenzo Iozzo & Dino Dai Zovi held at the Black Hat security conference from July 30 to August 2.
Requiring a $2000 fee for subscribing now (or $2700 on site), the two-day course will take students through the complete process of finding and exploiting Mac OS X vulnerabilities.
The class highlights “the unique aspects of the operating system that vulnerability researchers must be aware of,” and will begin with an introduction to Mac OS X, covering the system architecture.
Lecture and lab sessions designed to give students the background they need will be available in each unit of the course.
Students will also be treated to a hands-on experience applying those techniques, the Black Hat organizers say.
Interested parties will need to bring their own Intel-based Mac running Mac OS X and Windows XP using VMWare Fusion (or equivalent virtualization solution), IDA Pro, Apple Developers Tools, and preferably (not mandatory) BinNavi with GdbAgent.
For their part, the organizers will hand out full printed materials, and the source code and exploits for all demonstrations and examples.
The trainers are Vincenzo Lozzo and Dino Dai Zovi, two well-known names in Mac security.
Lozzo is a student at the Politecnico di Milano where he does some research regarding malware and IDS. The security expert is involved in a number of open source projects, including FreeBSD.
He also works as a security consultant for Italy’s Secure Network.
As for Dai Zovi, he has 9 years of experience with information security, which includes red teaming, penetration testing, and software security assessments
Several information security conferences have featured Dai Zovi as a speaker, including presentations of his research on MacOS X security, according to the folks at Black Hat.