Hands-on Fuzzing and Exploit Development (Advanced)
- 8.5 hours on-demand video
- 37 downloadable resources
- Full lifetime access
- Access on mobile and TV
- Assignments
- Certificate of Completion
Get your team access to 4,000+ top Udemy courses anytime, anywhere.
Try Udemy for Business- Advanced techniques of creating exploits such as Egg Hunters, ASLR Bypass, Function reuse etc.
- Writing Unicode compatible exploits
- How to do long and short jumps in exploits
- How to do stack pivoting
- Fuzzing through Spike, Peach Fuzzer, FilFuzz and BooFuzz
- Creating Peach Pits, BooFuzz scripts and fuzzing scripts in Python
- How to tackle restrictive conditions such as limited buffer space or limited character set
- Create exploits from scratch for complicated file-formats such as ZIP
- Manually encoding shellcode
- Basic knowledge of x86 Assembly Language
- Basic knowledge of Kali Linux
- Basic knowledge of Python
- Basic knowledge of Metasploit
- Basic concepts of fuzzing
- Basic knowledge of Immunity Debugger
About this course
This course builds upon my previous course, Hands-on Exploit Development on Udemy.
It will teach you advanced techniques of exploiting a buffer overflow vulnerability. Egg hunters, ASLR bypass, Stack Pivoting, Function Reuse, Manual encoding are some of the techniques covered in this course.
It follows the six stages of exploit development and gives a detailed walk-through of each. Each module starts by identifying the vulnerability via fuzzing. You'll learn, server fuzzing (using Spike) and file format fuzzing (using Peach Fuzzer). It then shows you how to create a PoC to trigger the vulnerability and convert that PoC into a working exploit.
Through this course you will get introduced to various tools such as Immunity Debugger, Mona library for Immunity Debugger, Metasploit, msfvenom, Spike, Peach Fuzzer, BooFuzz and much more. This course is designed to be short and concise yet packed with practical knowledge.
Each video includes learning resources (in video) and associated files (pdf slides, fuzzing scripts, peach pit python script etc.). You can just follow along and create a working exploit. It's that simple. Happy hacking!
What our fellow students say about this course
"I have been looking for resources to learn different techniques of exploit development. This course was a great find. It is very easy to follow along and understand the concepts." - Surbhi Goel
"Great! More fuzzing tools are introduced." - Ying-Chen Chiou
"pretty good basics,easy to follow buffer overflow" - Arun Mathew
- Students curious about building exploits
- Ethical Hackers
- Penetration Testers
- Cybersecurity Professionals
- People preparing for OSCP, OSCE etc.
This video gives an overview of the technique you'll be learning in this module. It also gives a brief overview of tools and software required for this module.
Download Links to the tools mentioned:
Kali Linux 2018.1: https://www.kali.org/news/kali-linux-2018-1-release/
Immunity Debugger: https://www.immunityinc.com/products/debugger/
Mona Library: https://github.com/corelan/mona
Vuln server (target software): https://github.com/stephenbradshaw/vulnserver
Sublime Text Editor: https://www.sublimetext.com/
Virtual Box: https://www.virtualbox.org/wiki/Downloads
VMWare: https://www.vmware.com/in/products/workstation-player/workstation-player-evaluation.html
Notepad++: https://notepad-plus-plus.org/download/v7.6.1.html
This video gives an overview of the technique you'll be learning in this module. It also gives a brief overview of tools and software required for this module.
Download Links to the tools mentioned:
Kali Linux 2018.1: https://www.kali.org/news/kali-linux-2018-1-release/
Immunity Debugger: https://www.immunityinc.com/products/debugger/
Mona Library: https://github.com/corelan/mona
Peach Fuzzer: https://sourceforge.net/projects/peachfuzz/
CoolPlayer+ Portable (target software): https://www.exploit-db.com/apps/3279a02f72b3c5ec5870e7b0b19d2305-CoolPlayer219_Bin.zip
Sublime Text Editor: https://www.sublimetext.com/
Virtual Box: https://www.virtualbox.org/wiki/Downloads
VMWare: https://www.vmware.com/in/products/workstation-player/workstation-player-evaluation.html
Notepad++: https://notepad-plus-plus.org/download/v7.6.1.html
Note: Instead of FileFuzz we'll be using Peach Fuzzer in this module
In the video, we identify the bad characters which might break our final payload.
This video gives an overview of the technique you'll be learning in this module. It also gives a brief overview of tools and software required for this module.
Download Links to the tools mentioned:
· Kali Linux 2018.1: https://www.kali.org/news/kali-linux-2018-1-release/
· Immunity Debugger: https://www.immunityinc.com/products/debugger/
· Mona Library: https://github.com/corelan/mona
· File Fuzz: https://filefuzz.software.informer.com/2.0/
· Alpha2 Encoder: https://github.com/haxtivitiez/Alpha2-encoder
· Triologic Media Player 8: https://www.exploit-db.com/apps/4e68d370d54180157bf1b578407848f4-triomp8setup.exe
· Sublime Text Editor: https://www.sublimetext.com/
· Virtual Box: https://www.virtualbox.org/wiki/Downloads
· VMWare: https://www.vmware.com/in/products/workstation-player/workstation-player-evaluation.html
· Notepad++: https://notepad-plus-plus.org/download/v7.6.1.html
This video gives an overview of the technique you'll be learning in this module. It also gives a brief overview of tools and software required for this module.
This video gives an overview of the technique you'll be learning in this module. It also gives a brief overview of tools and software required for this module.