{"product_id":"introduction-to-linux-kernel-security-pwn-college-llc-trainers-dctlv2026","title":"Introduction to Linux Kernel Security - pwn.college LLC Trainers  - DCTLV2026","description":"\u003cp dir=\"ltr\"\u003e\u003cmeta charset=\"utf-8\"\u003e\u003cstrong\u003eName of Training\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e Introduction to Linux Kernel Security\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eTrainer(s)\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e: \u003c\/strong\u003e\u003cspan style=\"font-size: 11.0pt; font-family: 'Arial',sans-serif; mso-fareast-font-family: Arial; mso-ansi-language: EN-US; mso-fareast-language: EN-US; mso-bidi-language: AR-SA;\"\u003epwn.college\u003cspan style=\"letter-spacing: .5pt;\"\u003e \u003c\/span\u003eLLC\u003cspan style=\"letter-spacing: .5pt;\"\u003e \u003c\/span\u003eTrainers\u003c\/span\u003e\u003cstrong\u003e\u003cspan style=\"font-size: 11.0pt; font-family: 'Arial',sans-serif; mso-fareast-font-family: Arial; mso-ansi-language: EN-US; mso-fareast-language: EN-US; mso-bidi-language: AR-SA;\"\u003e\u003cspan style=\"letter-spacing: .5pt;\"\u003e \u003c\/span\u003e\u003c\/span\u003e\u003c\/strong\u003e\u003cbr\u003e\u003c\/span\u003e\u003cspan\u003e\u003cmeta charset=\"utf-8\"\u003e \u003cstrong\u003eDates\u003c\/strong\u003e\u003cstrong\u003e:\u003c\/strong\u003e \u003cmeta charset=\"utf-8\"\u003eAugust 10-11, 2026\u003cbr\u003e\u003cstrong\u003eTime:\u003c\/strong\u003e 8:00 am to 5:00 pm \u003cbr\u003e\u003cstrong\u003eVenue\u003c\/strong\u003e\u003cstrong\u003e:\u003c\/strong\u003e \u003cmeta charset=\"utf-8\"\u003eLas Vegas Convention Center\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eCost\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e: \u003c\/strong\u003e$3,500\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eShort Summary:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eA practical, intermediate course on Linux kernel security and exploitation fundamentals. \u003cstrong\u003eOverwhelming majority of class time is hands-on\u003c\/strong\u003e in an \u003cstrong\u003einteractive, browser-based environment\u003c\/strong\u003e (no local setup), building real skills that students can keep practicing \u003cstrong\u003eafter the training \u003c\/strong\u003ewith continued platform access.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eCourse Description: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eThis course teaches the core techniques and workflows behind Linux kernel security and exploitation using a sequence of focused, applied labs. Students analyze common kernel interfaces (`procfs`, character devices, IOCTLs), recognize dangerous patterns (state machines, unchecked copies, function-pointer adjacency), and practice safe, repeatable methods to gain control and escalate privileges inside a controlled environment.\u003cbr\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eThe pwn.college philosophy is simple: \u003cstrong\u003emastery comes from doing\u003c\/strong\u003e. We minimize lecture and maximize keyboard time. All labs run in a \u003cstrong\u003ebrowser-based, self-contained environment\u003c\/strong\u003e with compilers, editors, and terminals—no local installs required—and access continues after class so students can revisit, review, and refine.\u003cbr\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cspan\u003e\u003cmeta charset=\"utf-8\"\u003e \u003cstrong\u003eCourse Outline: \u003c\/strong\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp\u003e# Day 1 — Foundations and Controlled Primitives \u003cb\u003e\u003cbr\u003e\u003c\/b\u003e-    **Kernel model \u0026amp; syscall path**\u003cbr\u003e-    Memory model and privilege rings at a conceptual level (userspace ↔ kernel transition, syscall path)\u003cbr\u003e-    **Environment \u0026amp; debugging workflow**\u003cbr\u003e-    Build\/launch QEMU + BusyBox environment; attach gdb (remote :1234)\u003cbr\u003e-    Load kernel symbols or inspect `\/proc\/kallsyms`\u003cbr\u003e-    Stepping from user → kernel\u003cbr\u003e-    **Character devices \u0026amp; `procfs` basics (hands-on)**\u003cbr\u003e-    Device file interaction patterns\u003cbr\u003e-    Simple state machines\u003cbr\u003e-    `printk`\/`dmesg` triage and safe observation\u003cbr\u003e-    **IOCTL interaction patterns (hands-on)**\u003cbr\u003e-    Command codes and argument structs\u003cbr\u003e-    `copy_from_user` \/ `copy_to_user` patterns and common pitfalls\u003cbr\u003e-    Handling of pointers passed via ioctl.\u003cbr\u003e-    **Privilege \u0026amp; kernel-API payloads**\u003cbr\u003e-    Conceptual representation of credentials\u003cbr\u003e-    Reasoning about `prepare_kernel_cred(0)` \/ `commit_creds(...)`\u003cbr\u003e-    Why `syscall` from kernel space crashes\u003cbr\u003e-    Calling kernel APIs (indirect absolute calls)\u003cbr\u003e-    Constructing payloads that return cleanly\u003c\/p\u003e\n\u003cp\u003e# Day 2 — Memory Corruption and Advanced Workflows \u003cbr\u003e-    **Function-pointer overwrite **\u003cbr\u003e-    Adjacent-field overflows, callback clobbering, redirecting to in-kernel helpers, validating stability.\u003cbr\u003e-    **KASLR-aware reasoning \u0026amp; address discovery**\u003cbr\u003e-    Techniques for discovering\/deriving useful addresses when symbols are randomized.\u003cbr\u003e-    **Seccomp escape workflow**\u003cbr\u003e-    How `TIF_SECCOMP` lives in `thread_info.flags`, `gs`-based access to `current`, and practical verification of expanded syscall capability.\u003cbr\u003e-    **Page-table walking to recover residual data**\u003cbr\u003e-    Inspecting page tables to locate and recover residual\/\"lost\" secrets\u003cbr\u003e-    virtual→physical mapping concepts and safe inspection patterns\u003cbr\u003e-    **Userspace helper coordination \u0026amp; clean exits**\u003cbr\u003e-    Designing userspace helpers that interoperate with kernel code under constrained syscall allow-lists\u003cbr\u003e-    Ensuring payloads return cleanly so kernel stability is preserved.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDifficulty Level:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eIntermediate - The student has education and some experience in the field and familiarity with the topic being presented. The student has foundational knowledge that the course will leverage to provide practical skills on the topic.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eSuggested Prerequisites:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e-    Comfortable with Linux command line and basic systems programming\u003cbr\u003e-    Working knowledge of C, ability to follow simple x86-64 assembly (function calls, stack frames)\u003cbr\u003e-    Familiarity with gdb\u003cstrong\u003e\u003cbr\u003e\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eWhat Students Should Bring:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e-    A laptop with a modern web browser (Chrome\/Firefox\/Safari\/Edge)\u003cbr\u003e-    Reliable internet access (Wi-Fi or wired)\u003cbr\u003e-    That’s it—**no local setup required.**\u003cstrong\u003e\u003cbr\u003e\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eWhat the Trainer Will Provide:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e-  **Browser-based training platform** with all labs, compilers, and tooling pre-installed\u003cbr\u003e-    Curated challenge set and stepwise hints (no solution dumps)\u003cbr\u003e-    Slides (PDF) and quick reference sheets\u003cbr\u003e-    Continued platform access **after the training** for further practice\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eTrainer(s) Bio:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003epwn.college\u003c\/strong\u003e designs and delivers hands-on security education with an emphasis on measurable skill-building. The team builds challenge-driven curricula spanning kernel, binary exploitation, and program analysis, and has authored numerous training labs and CTF challenges used by practitioners and learners worldwide.\u003c\/p\u003e\n\u003cp\u003e\u003cmeta charset=\"utf-8\"\u003e\u003cstrong\u003eZardus (Yan Shoshitaishvili, PhD)\u003c\/strong\u003e has been part of the DEF CON community since DEF CON 9 (2001) and part of the Shellphish CTF team since DEF CON 17 (2009). He ran DEF CON CTF for four years (2018-2021) with Order of the Overflow, and successfully captained Shellphish through the participation in the DARPA Cyber Grand Challenge, in which they won third place and a spot in history (but not in the Smithsonian). Now he is an Associate Professor of Computer Science at Arizona State University and co-founder of pwn.college, where he has taught tens of thousands of students how to hack.\u003c\/p\u003e\n\u003cp\u003e\u003cmeta charset=\"utf-8\"\u003e\u003cstrong\u003ekanak (Connor Nelson, PhD)\u003c\/strong\u003e is a DEF CON veteran and has been part of the DEF CON CTF community since 2015. He has been a member of the Shellphish CTF team since 2018, and has competed in numerous CTFs around the world. He is the chief architect and co-founder of pwn.college, where he has helped design and deliver education to tens of thousands of students. His research primarily focuses on the intersection between CTF and education, and he has published several papers on the topic.\u003c\/p\u003e\n\u003cp\u003e\u003cmeta charset=\"utf-8\"\u003e\u003cstrong\u003eadamd (Adam Doupé, PhD) \u003c\/strong\u003eis equal parts hacker and educator, seamlessly blending exploits and insights. With deep roots in DEF CON culture, he ran the renowned DEF CON CTF with Order of the Overflow from 2018 to 2021, after competing in several editions with Shellphish. As Director of Arizona State University's Center for Cybersecurity \u0026amp; Trusted Foundations (CTF), he unearths vulnerabilities—including multiple CVEs in Apple's core OS—and transforms complex security topics into digestible, engaging lessons. Winner of the NSF CAREER Award and the ASU Fulton Best Teacher Award, he brings an infectious enthusiasm to cybersecurity education that resonates with both seasoned hackers and new learners alike.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eProficiency Exam Option:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eThis course has the option for a proficiency certificate add-on. Students who complete 70% or more of the required challenges, including the final exam-specific challenge, will be eligible for a proficiency certificate.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003ePlease reach out to training@defcon.org for any questions related to the proficiency exam and certificate option.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eRegistration Terms and Conditions: \u003c\/strong\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eTrainings are refundable before July 11, 2026, minus a non-refundable processing fee of $250.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eBetween July 11, 2026 and August 5, 2026 partial refunds will be granted, equal to 50% of the course fee minus a processing fee of $250.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eAll trainings are non-refundable after August 5, 2026.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eTraining tickets may be transferred to another student. Please email us at training@defcon.org for specifics.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eIf a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eFailure to attend the training without prior written notification will be considered a no-show. No refund will be given.\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eDEF CON Training may share student contact information, including names and emails, with the course instructor(s) to facilitate sharing of pre-work and course instructions. Instructors are required to safeguard this information and provide appropriate protection so that it is kept private. Instructors may not use student information outside the delivery of this course without the permission of the student.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eBy purchasing this ticket you agree to abide by the \u003c\/span\u003e\u003ca href=\"https:\/\/defcon.org\/html\/links\/dc-code-of-conduct.html\"\u003e\u003cspan\u003eDEF CON Training Code of Conduct\u003c\/span\u003e\u003c\/a\u003e\u003cspan\u003e and the registration terms and conditions listed above.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eSeveral breaks will be included throughout the day. Please note that food is not included.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eAll courses come with a certificate of completion, contingent upon attendance at all course sessions. Some courses offer an option to upgrade to a certificate of proficiency, which requires an additional purchase and sufficient performance on an end-of-course evaluation.\u003c\/span\u003e\u003c\/p\u003e","brand":"Las Vegas 2026","offers":[{"title":"Course only - Aug 10-11","offer_id":47697639637210,"sku":null,"price":3300.0,"currency_code":"USD","in_stock":true},{"title":"Course + Proficiency Exam - Aug 10-11","offer_id":47697639669978,"sku":null,"price":3600.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0629\/2088\/4442\/files\/pwn.college.jpg?v=1750086308","url":"https:\/\/training.defcon.org\/products\/introduction-to-linux-kernel-security-pwn-college-llc-trainers-dctlv2026","provider":"defcontrainings","version":"1.0","type":"link"}