Loading…
July 9 - 11, 2019 | Chicago, Illinois
View More Details  & Register Here
Back To Schedule
Wednesday, July 10 • 11:05am - 11:50am
Xen API Archaeology: Creating a Full-Featured VMI Debugger for the Xen Hypervisor - Spencer Michaels, NCC Group

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
Despite the popularity of the Xen hypervisor, there are very few tools capable of performing virtual machine introspection (VMI) on Xen guests — not even a full-featured debugger! This is in large part because Xen's VMI APIs are obscure and poorly documented; even among Xen developers, there are very few people who know how to use them. This has serious consequences for projects targeting Xen, as the lack of tooling makes it difficult to verify the correctness and security of software running on Xen. In this presentation, Spencer will introduce and explain Xen's VMI APIs in detail, with the goal of providing all the information necessary to construct fully-featured Xen VMI API clients and analysis tools. In doing so, he will share the hands-on experience he gained while developing his recently-released tool Xendbg, a feature-complete reference implementation of a modern Xen VMI debugger.
Speakers
avatar for Spencer Michaels

Spencer Michaels

Security Consultant, NCC Group
Spencer Michaels is a Security Consultant at NCC Group, an information security firm specializing in application, network, and mobile security. At NCC, Spencer performs network and web application penetration testing and code review, as well as research into various low-level technologies... Read More →

Spencer Michaels Xen API Archaeology Creating A Full Featured VMI Debugger For The Xen Hypervisor pdf
Wednesday July 10, 2019 11:05am - 11:50am CDT
Gallery, 5th Floor
  Sessions