Find online courses made by experts from around the world.
Take your courses with you and learn anywhere, anytime.
Learn and practice real-world skills and achieve your goals.
This is a comprehensive course on Exploit Development in Windows platform. The course is designed in such a way to help the beginners. It will help you understand the different domains of software exploitation.
The participants will learn about different types and techniques of exploitation, using debuggers to create their own exploits, understand protection mechanism of the Operating Systems and how to bypass them. You will also learn how to write and execute an exploit in the latest Windows operating systems like Windows 7 and 8. This course will be supported by additional reference materials that will help you to understand the concepts and for further reading. The the course content will be updated regularly.
What you will learn?
Who should attend this course?
What are the Prerequisites?
Why take this course ?
Not for you? No problem.
30 day money back guarantee.
Learn on the go.
Desktop, iOS and Android.
Certificate of completion.
|Section 1: Basics|
Buffer overflow is caused when too much data is inserted into a buffer than it can handle. So this may lead to the execution of arbitrary code if a certain memory pointer is overwritten. It's simply like we got a cup full of coffee and when we tried again to fill it, it overflows and this overflowed coffee falls somewhere and cause an unexpected results. The Buffer Overflows can be caused due to stack overflow, heap overflow etc. resulting in the overwriting of pointers. This video will make you understand what is a Buffer Overflow and how it can be exploited.
|Section 2: Exploiting Buffer Overflows|
Vanilla EIP Overwrite
Exploiting Vanilla EIP Overwrite
Based on the protocols and file formats you deal with, certain characters can break your shellcode. This video lecture will teach you to detect and eliminate bad characters that breaks your exploit.
|This lecture will explain how to exploit Structured Exception Handlers (SEH)|
|Section 3: Exploit Development with Mona.py|
Mona.py - The Exploit Writer's Swiss Army Knife
Mona.py - Continuation
|Learn how to convert your exploits into Metasploit Modules|
|Section 4: Advanced Exploit Development in Windows|
Unicode Based Exploit Development Introduction
Unicode Based Exploit Development Continuation
Unicode Based Exploit Development Final Thoughts
Egg Hunter Basics
Writing an Exploit using Egg Hunter
Data Execution Prevention (DEP) Basics
Bypassing Data Execution Prevention (DEP) using ROP Chains
Ajin Abraham is an Application Security Engineer by profession having 5+ years of experience in Application Security including 2 years of Security Research. He is passionate on developing new and unique security tools than depending on pre existing tools that never work. Some of his contributions to Hacker's arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Xenotix xBOT, MalBoxie, Firefox Add-on Exploit Suite, Static DOM XSS Scanner, NodeJsScan etc to name a few.
He has been invited to speak at multiple security conferences including ClubHack, NULLCON, OWASP AppSec AsiaPac, BlackHat Europe, Hackmiami, Confidence, BlackHat US, BlackHat Asia, ToorCon, Ground Zero Summit, Hack In the Box and c0c0n.