Didier Stevens Labs

Founded by Didier Stevens

Workshop Bundle - Personal: €50 (€60)

Get all 3 workshops at an extra 17% discount on top of the 20% discount. This workshop bundle contains my Malicious PDF Analysis Workshop Advance Screening, my White Hat Shellcode Workshop and my Windows x64 The Essentials Workshop videos.

You can find video samples here.

The personal edition costs €50 in stead of €60. Invoice on request. This personal edition can only be used by you.

After purchase, you will receive an e-mail within 24 hours to download 3 zip-files with the videos in mp4 format. Make sure to check your SPAM folder. The size of each zip-file is around 200MB.

You do not need a PayPal account to pay with this button:

Malicious PDF Analysis Workshop Advance Screening - Personal: €20 (€25)

This workshop will teach you the fundamentals you need to know to analyze (malicious) PDF documents. Didier Stevens will familiarize you with PDFiD and pdf-parser, two essential tools for PDF analysis he authored. We start with a very simple, PoC malicious PDF file (you could even analyze this PoC file with Notepad or vi) to lay out the fundamentals, and then work through more complex examples.

This is an advance screening* of my Malicious PDF Analysis workshop. There are 25 videos covering the 20 exercises of my workshop totaling a bit more than 2 hours of viewing.

You can find video samples here.

The personal edition costs €20. Invoice on request. This personal edition can only be used by you.

After purchase, you will receive an e-mail within 24 hours to download a zip-file with the videos in mp4 format. Make sure to check your SPAM folder. The size of this zip-file is around 200MB.

You do not need a PayPal account to pay with this button:



*The videos of this workshop are gradually released on YouTube. By the end of 2014, all videos should be released. This advance screening gives you all videos, including the unreleased videos.

White Hat Shellcode Workshop - Personal: €20 (€25)

In this workshop, we will present shellcode designed to protect systems, in stead of attacking systems. Some examples: - shellcode to unload a DLL - shellcode to enable DEP - shellcode to patch a vulnerability – shellcode to test a security setup - shellcode to prevent heap sprays (from my HeapLocker tool).

There are 6 videos covering the 5 examples of my workshop totaling a bit less than 2 hours of viewing.

You can find video samples here.

The personal edition costs €20. Invoice on request. This personal edition can only be used by you.

After purchase, you will receive an e-mail within 24 hours to download a zip-file with the videos in mp4 format. Make sure to check your SPAM folder. The size of this zip-file is around 200MB.

You do not need a PayPal account to pay with this button:

Windows x64 The Essentials Workshop - Personal: €20 (€25)

In this workshop we will touch upon important differences between 32-bit and 64-bit Windows.

Did you know WoW64 (Windows 32-bit on Windows 64-bit), the system that allows you to run 32-bit applications on 64-bit Windows, presents applications with a different view on the file system and the registry? Why wouldn't you use a 32-bit AV program on x64 Windows, but can you compile a 64-bit application on a 32-bit machine? Did you know 32-bit processes can't load 64-bit DLLs and 64-bit processes can't load 32-bit DLLs? Did you know that x64 shellcode is significantly different from 32-bit shellcode because of the calling convention?

Here are some of the exercises: How to develop and inject an x64 DLL - How to develop x64 shellcode - How to develop and sign an x64 kernel driver - How does WoW64 allow us to run 32-bit applications on a 64-bit system? - How do we "break" out of WoW64?

There are 9 videos covering the 8 exercises of my workshop totaling a bit more than 2 hours of viewing.

You can find video samples here.

The personal edition costs €20. Invoice on request. This personal edition can only be used by you.

After purchase, you will receive an e-mail within 24 hours to download a zip-file with the videos in mp4 format. Make sure to check your SPAM folder. The size of this zip-file is a bit less than 400MB.

You do not need a PayPal account to pay with this button: