Fuzzing Development Mega Primer

Learn how to fuzz and write reliable windows exploits
0.0 (0 ratings)
Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
6 students enrolled
$30
Take This Course
  • Lectures 5
  • Length 1 hour
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works

Discover

Find online courses made by experts from around the world.

Learn

Take your courses with you and learn anywhere, anytime.

Master

Learn and practice real-world skills and achieve your goals.

About This Course

Published 11/2015 English

Course Description

This course focuses on teaching individuals the importance of fuzzing and how fuzzing can be used for identifying the various software security bugs like buffer overflow, directory traversal, etc. The course teaches a student everything that is required from setting up tools that are required to actually running the fuzzing scripts and exploiting real world applications in Windows. This course is focused on Windows applications, however the same principles can be applied to applications running on Linux//Unix.

The course provides all the required software that can be downloaded from author's dropbox site. It also provides links to any other software that is required and every tool used is opensource or available for free.

The course is divided in to 4 chapters that go from the very basic to advanced level where a student would fuzz a network service.

Anyone interested in entering and learning about software exploitation and how do people identify 0-days exploits should take this course.

What are the requirements?

  • Determination to learn something new
  • Windows XP/7 Vmware image or Laptop/Desktop with the same operating system

What am I going to get from this course?

  • Understand the intelligent mutation fuzzing technique and use of a fuzzing framework for identifying security issues (memory corruption, directory traversal, etc) in all the software applications
  • Understand how to fuzz a file based application
  • Understand how to fuzz a network service
  • Write stack based buffer overflows for Windows applications

What is the target audience?

  • Windows exploit beginners
  • Pentesters
  • Network/system administrators
  • Reverse engineers
  • Malware analysts
  • Anyone interested in exploit development

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.

Curriculum

04:17

This chapter introduces the students to the wonderful world of fuzzing. The first chapter describes to the students what sort of software would be required and how it needs to be installed.

16 pages

This chapter introduces the various concepts required to understand fuzzing technique. It also introduces the students to various fuzzing techniques that exist and teaches how to set up sulley and peach fuzzing frameworks.

09:16

This tutorial introduces students on how to fuzz a file based application using Sulley framework. Students should read the additional reference material attached with this one to ensure that they get the best out of the tutorial.

14:01

This tutorial will introduce on how to use Sulley framework for fuzzing network services. This chapter also provides an understanding of SafeSEH protection mechanism in Windows. Students should read the downloadable material first to understand the concepts and then follow the tutorial.

02:40

This tutorial teaches how to convert an exploit written in Python language to Metasploit framework. This ensures that you can make your exploits available to everyone in security community. Ensure to read the downloadble material before going through the video.

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Mr Nicholas Griffin, Experienced security researcher teaching course

Nicholas Griffin is an experienced application security researcher by profession having 9+ years of experience in Application/Hardware security including 5 years of Security Research. He is passionate about developing new and unique security tools, teaching various security people ranging from novice to experts. Some of his contributions to Hacker's arsenal include writing Killerbee extensions, finding 0-day exploits in various embedded devices from command injection, web flaws to buffer overflows, writing security books, etc.

Ready to start learning?
Take This Course