Fear not the kernel, for it can be wielded to do your bidding. Come with us on a journey as we venture below Loki’s Lair and into the abyss of the Windows kernel. This is the realm where nothing hides and all is revealed through Heimdall’s gaze.
You will learn how to navigate your way around and enumerate filesystem minifilters that might be part of the trickery behind modern security products.
Once done, you will be able to harness the power of dx commands, along with other debugger extensions. In just two hours, you will know how to begin your journey.
This workshop continues the Intro to WinDbg series and serves as a recommended prerequisite for SEC665: Advanced Red Team Operations. Students will learn how to enumerate and inspect filesystem minifilters, explore filter communication mechanisms, and begin understanding how modern security products generate visibility within the Windows kernel.
Through practical demonstrations and guided workflows, attendees will build confidence with WinDbg, debugger extensions, and kernel structures before encountering the advanced kernel research topics covered in SEC665 Day 5. For operators looking to better understand defensive telemetry, kernel visibility, and the foundations of EDR research, this workshop provides the ideal starting point.
For the best experience, students are encouraged to watch the other sessions in the Intro to WinDbg series:
This workshop is intended to serve as a recommended prerequisite for SEC665: Advanced Red Team Operations and will help students prepare for the advanced kernel debugging and research concepts introduced in the course.


Jonathan Reiter teaches advanced red team operations and Windows implant development through hands-on labs grounded in real-world experience.