Abstract
“KernelGoat is a ‘Vulnerable by Design’ Linux kernel environment to learn and practice Kernel security issues”
There are many resources, playgrounds and CTFs for user-land exploitation scenarios. However, when it comes to kernel exploitation, especially on Linux, there aren't many vulnerable-by-design labs.
The setup steps are very simple, so users do not need to spend enormous time on setup and can instead focus on exploiting the vulnerability itself.
A few of the vulnerabilities users can get experience exploiting are:
- Arbitrary Read
- Stack Overflow
- Null pointer dereference
- Race condition
- Use After Free
- Heap Overflow
- Off-By-One Vulnerability
- Uninitialized Stack Variables
- Double Free
This tool is being developed by students from T.John Engineering College, Bangalore: Divya M, Archana BS, Allen Sam and Sujitha Palanadan.