SEC536: Adversarial AI - Penetration Testing AI Systems


Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact Us
Watch Intro to Part 1: The Beginning and Part 2: Back to the Future Using TTD OnDemand.
By now you have learned how to travel through time using Time Travel Debugging. TTD is such a powerful feature and you’ve only begun to scratch the surface of its use cases.
This portion of the series is going to take a detailed look into calling conventions for a number of calling standards like stdcall, cdecl, thiscall, and fastcall. Calling conventions are not only important in the developer side, as taught in SEC670, but also in the malware analysis side too. It is critical to understand these conventions when performing any kind of analysis at the assembly level. If you can’t track what’s being passed in as the 3rd argument, you could miss a key part in your analysis. After this portion of the series, you will have a solid understanding of the various calling conventions covered.
You won’t need anything from Part 2 of this series other than your personal setup. See you there!
For the best experience, students are encouraged to watch the rest of the WinDbg series:
This session supports concepts from SEC665: Advanced Red Team Operations and will help students prepare for the course. To learn more, browse upcoming sessions, and access your free course preview, Click Here.


Jonathan Reiter teaches advanced red team operations and Windows implant development through hands-on labs grounded in real-world experience.
Read more about Jonathan Reiter