Build Ethical Hacking, Exploit Develop & PenTesting Skills
3.4 (10 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
217 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Build Ethical Hacking, Exploit Develop & PenTesting Skills to your Wishlist.

Add to Wishlist

Build Ethical Hacking, Exploit Develop & PenTesting Skills

Gain exploit development skills with hands-on labs, develop exploits for Email & FTP Servers and experience web fuzzing
3.4 (10 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
217 students enrolled
Last updated 5/2016
Current price: $10 Original price: $25 Discount: 60% off
5 hours left at this price!
30-Day Money-Back Guarantee
  • 3 hours on-demand video
  • 1 Article
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Get Hands-on Experience in Exploit Development
  • Master Fuzzing Techniques and Methods
  • Write Working Exploits
  • Take Examination (Quiz of 25 Questions)
  • Use and Metasploit Framework for Exploit Development
View Curriculum
  • TCP/IP
  • Programming Concepts
  • Windows Basics
  • Experience with any one programming language

26Securelabs Exploit Development course is designed in a way to help you learning exploit development without opening many books. You would learn exploit development by means of hands-on labs.

What you will get?

This course includes 3 hours of downloadable lecture videos which teaches exploit development by practices. We have also added one quiz consisting of 25 questions on exploit development. You will also get courseware PDF which have been used during the videos.

What you will learn?

Exploit development in a nutshell and core concepts, tools and techniques which are building blocks for anyone who wants to learn exploit development in fast pace.

You will learn how to discover buffer overflow vulnerabilities in FTP Servers, Email Server and how to discover weaknesses in web servers. In any exploit development and research, fuzzing place an important role, this course will teach you different methods of fuzzing.

You will learn how to code fuzzers and real working exploits. Follow the pace of course and you should be able to write your own working exploit as explained in the course.

We believe this course is really informative for exploit development, we do not claim it will take you from zero to infinity but you will get what we have explained here.

You will rock once you develop your first working exploit after completing the course, however following instructions is a must.

Who is the target audience?
  • IT Professionals
  • IT Security Professionals
  • Programmers
  • College Students
  • Script Kiddies
Students Who Viewed This Course Also Viewed
Curriculum For This Course
27 Lectures
Module A - Fundamentals of Buffer Overflows
12 Lectures 01:28:27

What you will take home:

  • Exploit Development Knowledge
  • Exploit Development Experience
  • Exploits Developed by YOU!
  • Examination on Exploit Development (Quiz of 25 Questions)
Preview 08:28

Congratulation! You have chosen the path for becoming a true ethical hacker or an experienced penetration tester. 

As covered in previous topic, “script kiddie” heavily depends on tools and they really don’t understand what the tool do in the background or how exploit works. Exploit Development’s treasure is basically hidden in the buffer overflows mainly. 

Introduction to Buffer Overflows

Understanding some of core concepts in buffer overflows and exploit development.

Why Buffer Overflows Occurs

Quick explanation on what is Heap and difference between Stack and Heap

What is Heap?

Fuzzing Lab Part 1 - Playing with Vulnerable Application. Replicating the crash and discovering vulnerability in FTP Server by using Metasploit ftp_pre_post fuzzer.

FTP Server Fuzzing Lab Part1

Fuzzing Lab Part2 - Replicating the crash again with Metasploit ftp_pre_post fuzzer and attaching the ftp server with Immunity Debugger to find what happened in the background and register value the time application server crashed.

Manually coding our fuzzer in Python. You can download the skeleton from the course curriculum link. Happy Exploit Development

FTP Server Fuzzing Lab Part2

Fuzzing Lab Part 3 - Finding EIP Offset and overwriting the EIP with over manual our own fuzzer. Generating cyclic patterns with and learning how to find offset value with Setting up arranging of stack.

FTP Server Fuzzing Lab Part3

Arranging the Stack. Finding the "Stack" Address i.e. finding JMP ESP manually. Generating shell-code and Developing Exploit.

FTP Server Fuzzing Lab Part 4 and Coding Exploit For FTP Server

Looking for JMP ESP Addresses. Ways to Jump to the Stack where our shellcode is in memory

Methods for Finding ESP Address (JMP ESP)

Explanation of how we actually wrote the exploit code. Talking about Padding, Stack arrangement and more..

FTP Server Exploitation Lab Explanation

Quick walk through of the whole process we have gone through in developing exploit for this vulnerable application

Exploitation in a Nutshell (Quick Exploit Development)

Discussing different methods of generating payloads

Methods for Generating Payloads (Shellcodes)
Module B - Smashing the Instruction Pointer
9 Lectures 57:47

Part 1 of Fuzzing PCMan FTP Server as we have learned in previous lectures and lab sessions

Fuzzing PCMan FTP Server (All in one Lab) Part 1

Part 2 of Fuzzing PCMan FTP Server as we have learned in previous lectures and lab sessions

Fuzzing PCMan FTP Server (All in one Lab) Part 2

Finding Addresses for JMP Statement. Looking in different DLL file this time

Preview 02:04

Quickly Developing exploit for PCMan FTP Server

Developing Exploit for PCMan FTP Server

Writing our Fuzzer for manually fuzzing this eMail Server

Fuzzing Seattlelab eMail Server (All in one Lab) Part 1

Replicating Crash and Finding EIP Offset

Fuzzing Seatlelab eMail Server (All in one Lab) Part 2

Finding stack addresses in for esp and coding the exploit for this email server

Preview 07:24

Write  fuzzer for Kolibri Web Server and Overwriting different registers along with EIP Register.

Fuzzing and Crashing Web Server (Overwriting EIP and Other Registers)

This Quiz will be based on some of core concepts in Exploit Development. 

Exploit Academy's Exploit Development Examination (Quiz)
25 questions
Module C – How to Code Exploits
4 Lectures 25:47

What you should be focusing on in order to gain expertise in exploit development from tools and platforms standpoint.

Exploit Development Platforms

Explanation on how you can be good in exploit development.

Before You Start Developing Exploits and Fuzzers

Tips for consideration

Launching a Shell in Remote Machine (One Consideration) - Quick Notes

Links for downloading these vulnerable applications and our fuzzers and exploits we have developed during the course

Preview 00:06
Additional Section - Legal Disclaimers & Preventing Application Hacks
2 Lectures 09:22

This course is solely for the educational purposes. Any party or person involved in this course development or presentation, should not be held responsible for misuse of the information provided in this course. This course is developed to teach ethical hacking and its sole purpose is educational and for positive usage. It discourage any mis use of the course and any activity which conflicts or against any countries cyber, computer, privacy or legal related laws.

Preview 01:34

Talk on Code Security Review and some general methods on preventing buffer overflows. This is an additional lecture into our course to give you some thoughts and ethical behavior in this course

Concepts on "Preventing Hacking" by avoiding Buffer Overflows.
About the Instructor
Research Wing of 26Securelabs Exploit Academy
3.4 Average rating
10 Reviews
217 Students
1 Course
Teaching students from 31 countries

Exploit Academy's Instructor(s) are professional(s) in ethical hacking and penetration testing. Excited about finding vulnerabilities and passionate about teaching skills we have. You will learn from experienced professional(s) holding CISSP, CEH, CEI and have been delivering security courses around the world. 

Our professional(s) have hands-on ethical hacking / penetration testing experience while pen-testing for financial institutions and other industry sectors in real world scenarios. 

Exploit-Academy is bringing the knowledge and experience of these professional(s) at your Desktop to take you to the destination of professional in Ethical Hacking. We hope it will be beneficial for your career and thank you for taking the course