Secure Boot is not a binary security feature, it is a chain of trust assumptions implemented in software. If you can observe the boot process, you can reconstruct the trust model. If you can reconstruct the trust model, you can identify enforcement gaps. If you can identify enforcement gaps, you can design a bypass.
This 4 hour hands-on webinar walks through a structured, repeatable methodology for bypassing secure boot protections using only terminal access. No firmware dumping, no fault injection, no hardware attacks. Just logs, environment analysis, trust boundary mapping, and controlled exploitation, executed live on an Ubuntu Secure Boot Challenge VM and generalized to U-Boot, shim, Coreboot, and embedded Linux appliances.
The session closes with an end-to-end exploitation chain from boot evidence to root shell, executed in a single continuous run. Attendees leave with a reusable trust-mapping framework, a terminal only assessment checklist, the downloadable lab VM for continued practice, and the recording.
Bonus: Each student gets $49 voucher for our catalog.
Amichai Yifrach (AKA: Th3_H1tchH1ker) is a cybersecurity architect and researcher specializing in embedded systems, firmware security, and trust-chain analysis. With over three decades of hands-on engineering and offensive research experience, his work focuses on understanding how systems actually behave under real-world conditions, not how they are expected to behave on paper.
He has led and delivered complex security and R&D programs across military, industrial, and commercial environments, including projects aligned with rigorous standards such as MIL-STD and large-scale system validation frameworks. His expertise spans low-level software, hardware-assisted security, boot processes, and adversarial analysis of system architecture.
His recent research into Secure Boot bypass techniques on NVIDIA Jetson platforms, including CVE-2026-24154 and CVE-2026-24153, highlights systemic issues in development-to-production transitions and trust sequencing. Rather than focusing on isolated vulnerabilities, his work exposes repeatable methods for identifying and exploiting enforcement gaps across platforms.
Through his TrainSec initiative, Amichai teaches practitioners how to move beyond vulnerability hunting and toward structured, evidence-driven security reasoning. His approach equips engineers and security professionals with the methodology required to analyze, model, and ultimately control system behavior from boot to runtime.
