Fuzzing Development Mega Primer
0.0 (0 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
13 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Fuzzing Development Mega Primer to your Wishlist.

Add to Wishlist

Fuzzing Development Mega Primer

Learn how to fuzz and write reliable windows exploits
0.0 (0 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
13 students enrolled
Last updated 11/2015
English
Price: $30
30-Day Money-Back Guarantee
Includes:
  • 30 mins on-demand video
  • 2 Supplemental Resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Understand the intelligent mutation fuzzing technique and use of a fuzzing framework for identifying security issues (memory corruption, directory traversal, etc) in all the software applications
  • Understand how to fuzz a file based application
  • Understand how to fuzz a network service
  • Write stack based buffer overflows for Windows applications
View Curriculum
Requirements
  • Determination to learn something new
  • Windows XP/7 Vmware image or Laptop/Desktop with the same operating system
Description

This course focuses on teaching individuals the importance of fuzzing and how fuzzing can be used for identifying the various software security bugs like buffer overflow, directory traversal, etc. The course teaches a student everything that is required from setting up tools that are required to actually running the fuzzing scripts and exploiting real world applications in Windows. This course is focused on Windows applications, however the same principles can be applied to applications running on Linux//Unix.

The course provides all the required software that can be downloaded from author's dropbox site. It also provides links to any other software that is required and every tool used is opensource or available for free.

The course is divided in to 4 chapters that go from the very basic to advanced level where a student would fuzz a network service.

Anyone interested in entering and learning about software exploitation and how do people identify 0-days exploits should take this course.

Who is the target audience?
  • Windows exploit beginners
  • Pentesters
  • Network/system administrators
  • Reverse engineers
  • Malware analysts
  • Anyone interested in exploit development
Students Who Viewed This Course Also Viewed
Curriculum For This Course
Expand All 5 Lectures Collapse All 5 Lectures 57:14
+
Introduction and tool setup
5 Lectures 30:14

This chapter introduces the students to the wonderful world of fuzzing. The first chapter describes to the students what sort of software would be required and how it needs to be installed.

Preview 04:17

This chapter introduces the various concepts required to understand fuzzing technique. It also introduces the students to various fuzzing techniques that exist and teaches how to set up sulley and peach fuzzing frameworks.

Fuzzing Primer
16 pages

This tutorial introduces students on how to fuzz a file based application using Sulley framework. Students should read the additional reference material attached with this one to ensure that they get the best out of the tutorial.

Preview 09:16

This tutorial will introduce on how to use Sulley framework for fuzzing network services. This chapter also provides an understanding of SafeSEH protection mechanism in Windows. Students should read the downloadable material first to understand the concepts and then follow the tutorial.

Network Service Fuzzing
14:01

This tutorial teaches how to convert an exploit written in Python language to Metasploit framework. This ensures that you can make your exploits available to everyone in security community. Ensure to read the downloadble material before going through the video.

Exploit porting to Metasploit framework
02:40
About the Instructor
Mr Nicholas Griffin
0.0 Average rating
0 Reviews
13 Students
1 Course
Experienced security researcher teaching course

Nicholas Griffin is an experienced application security researcher by profession having 9+ years of experience in Application/Hardware security including 5 years of Security Research. He is passionate about developing new and unique security tools, teaching various security people ranging from novice to experts. Some of his contributions to Hacker's arsenal include writing Killerbee extensions, finding 0-day exploits in various embedded devices from command injection, web flaws to buffer overflows, writing security books, etc.