Windows Exploit Development Megaprimer
What you'll learn
- Learn how Exploit Works
- Bypass memory protections
- Make exploits reliable
- Scenario based Exploit Development
- Port Exploits into Metasploit modules
- Nothing much, Knowledge in any Scripting language like Python will be helpful.
- Basic knowledge in assembly is good but not a necessity.
This is a comprehensive course on Exploit Development in Windows platform. The course is designed in such a way to help the beginners. It will help you understand the different domains of software exploitation.
The participants will learn about different types and techniques of exploitation, using debuggers to create their own exploits, understand protection mechanism of the Operating Systems and how to bypass them. You will also learn how to write and execute an exploit in the latest Windows operating systems like Windows 7 and 8. This course will be supported by additional reference materials that will help you to understand the concepts and for further reading. The the course content will be updated regularly.
What you will learn?
- Learn stack based buffer overflow
- Exploiting buffer overflows
- Understand and write shellcodes
- Write exploits for Win32 platform
- Bypassing various memory protections
- Making your exploits reliable
- Write remote and local exploits
- Converting your exploits to metasploit modules
- Learn about concepts like Vanilla EIP Overwrite, Egg hunting, SEH overwrite, ROP chains etc.
- Learn to use various exploit development tools like debuggers, mona extension etc.
Who should attend this course?
- Network/system administrators
- Reverse engineers
- Malware analysts
- Security enthusiasts
- Anyone interested in exploit development.
What are the Prerequisites?
- Working knowledge of Windows and Linux Operating Systems
- Knowledge in scripting languages like Python, Perl or Ruby
- Comfortable with command-line utilities
- Basics of Assembly language
Why take this course ?
- Do you want to learn how to read and understand existing exploits?
- Do need to successfully modify an existing exploit?.
- Do you want to write reliable exploits and port them into Metasploit modules?
- Do you want to know how shellcode works ?
- Do you need to understand the basic concepts of exploit writing?
- Are you willing to dig deeper into shellcodes and debugger?
- Then this course is for you!
Who this course is for:
- This course is meant for people who are interested in Exploit Development
Ajin Abraham is an Application Security Engineer by profession having 5+ years of experience in Application Security including 2 years of Security Research. He is passionate on developing new and unique security tools than depending on pre existing tools that never work. Some of his contributions to Hacker's arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Xenotix xBOT, MalBoxie, Firefox Add-on Exploit Suite, Static DOM XSS Scanner, NodeJsScan etc to name a few.
He has been invited to speak at multiple security conferences including ClubHack, NULLCON, OWASP AppSec AsiaPac, BlackHat Europe, Hackmiami, Confidence, BlackHat US, BlackHat Asia, ToorCon, Ground Zero Summit, Hack In the Box and c0c0n.