OpenSecurityTraining2

Open-source firmware is the future. Learn coreboot from scratch: design principles, boot process & building for QEMU. Chromebooks run it, you should know it! Architecture 4031: Introductory coreboot https://ost2.fyi/Arch4031 by Piotr Król

Strengthening skills in #trustedcomputing has never been more important across the security ecosystem. To support that growth, TCG continues to work with OpenSecurityTraining2 (OST2) to develop free, modular training courses built around TCG technologies. These courses are designed to help learners: -       Build practical, hands-on understanding of our specifications -       Explore platform security concepts at their own pace -       Access high-quality training without cost barriers The training library will continue to expand over time, adding new modules as development continues. Stay tuned to TCG and OST2 channels to keep these on your radar! You can find more information about the courses here: https://lnkd.in/eHugHx3c #TrustedComputing #SecurityCourses #SecurityTraining #SkillsDevelopment

Long overdue things I got done on the OpenSecurityTraining2 beta server this past weekend (with Claude's help): Adding OAuth login via Google & Github, making it email the instructor when students post to Discussions (a feature I've been asking for for years), and removing an annoying first-use "tour" of Open edX (that provides no value and for which there's no feature flag for disablement). All things coming to production soon, after getting some testing on beta while the Arch1901 beta is running. (And for me, a Claude skill to collect better stats about student course completion without me needing to do a bunch of manual work. Obviously I'm loving Claude's ability to fix misc small things that have been bugging me forever.)

IMHO people should learn vulnerabilities by studying past ones, not fake ones. This class makes that easier for beginners.

Uninitialized data use, race conditions (TOCTOU), Use-After-Free (UAF), type confusion & info leaks: Vulnerabilities 1002 https://ost2.fyi/Vulns1002 by Xeno Kovah teaches real CVEs, not fake toy examples. Real exploit walkthroughs included. Level up your 'sploity sense!

Almost a year of study culminates with this course. I started out self-taught and finished with this x86-64 Assembly course. It took about 10 months from scratch to complement the foundation I had in C. Now that this is under my belt, the plan for this year is to progress with SIMD. Thanks to OpenSecurityTraining2 for a great course. #OpenSecurityTraining2

Hey folks, back after completing a mini-course Debuggers 1012: Intro to GDB from OpenSecurityTraining2 by Xeno Kovah. This course is an awesome resource for beginners and anyone with decent experience who wants to refresh their low-level reverse engineering skills. A huge thanks to Xeno for making this content Open Source. #ReverseEngineering #InfoSec #CyberSecurity #GDB #OST2

C++ binaries are notoriously hard to reverse. This class by Gal Zaban teaches you to map them clearly in IDA. Reverse Engineering 3011: Reversing C++ Binaries https://ost2.fyi/RE3011

There's still time to sign up before the next beta of Arch1901 kicks off May 20th!

Learn to use a debugger that runs *beneath* the OS using Intel VT-x. Hidden hooks, TLB splitting, EPT-based monitoring: reverse engineering's secret weapon. Debuggers 3301: HyperDbg https://ost2.fyi/Dbg3301 by Mohammad Sina Karvandi