applied security conferences and training: CanSecWest | PacSec | EUSecWest |

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

CanSecWest: Security Masters Dojo Vancouver

Advanced iOS 11 Kernel Exploitation

Register for the March 10-13, 4-day course

EU, Norway, Switzerland, Canada, USA, New Zealand, Australia or Japan

Stefan Esser


For the last few years we have taught iOS and OS X kernel exploitation to a wide variety of students. As Apple keeps adding new security mitigations into the kernel or changes how security relevant implementations like how the kernel heap works, we have continued to update our course curriculum. For 2018 we went a step further, and for the first time in the history of our courses, we are offering an advanced version of our kernel exploitation course that builds on top of our previous courses.

In this advanced course, we will focus less on what security features were added by what iOS version, and more on questions and topics that arise during the development of kernel exploits for real kernel vulnerabilities that were made public in 2017.

During the training we will make available devices on iOS 11.0 to perform the hand on tasks, because they can only be performed on devices having vulnerabilities.

PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.


Introduction: Low Level ARM64: iOS Kernel Debugging: iOS Kernel Vulnerability Types iOS Kernel Heap Exploitation: iOS Kernel Exploit Mitigations iOS Kernel Vulnerabilities iOS Kernel Jailbreaking


Students must have prior knowledge in exploitation (basics will not be taught) and must be capable of understanding/programming exploits in C. Students will get an introduction into low level ARM/ARM64 as part of the course.

Course Requirements

Due to Wassenaar export control on technology for development of intrusion software, any kind of exploitation training against hardened targets is export controlled. We therefore can only accept students from: the EU, Norway, Switzerland, Canada, USA, New Zealand, Australia or Japan.

Software Requirements
Hardware Requirements