Windows Exploit Development Megaprimer

Learn how to write reliable exploits.
3.3 (11 ratings)
368 students enrolled
$90
  • Lectures 15
  • Contents Video: 4 hours
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion

About This Course

Published 10/2014 English

Course Description

This is a comprehensive course on exploit development on the Windows platform. The course is designed to help beginners. It will help you understand the different domains of software exploitation.

Participants will learn about different types and techniques of exploitation, how to use debuggers to create their own exploits, and how the operating system's protection mechanisms work and how to bypass them. You will also learn how to write and execute an exploit on the latest Windows operating systems, such as Windows 7 and 8. The course is supported by additional reference materials that will help you understand the concepts and serve as further reading. The course content will be updated regularly.


What you will learn?

  • Learn stack based buffer overflow
  • Exploiting buffer overflows
  • Understand and write shellcodes
  • Write exploits for Win32 platform
  • Bypassing various memory protections
  • Making your exploits reliable
  • Write remote and local exploits
  • Converting your exploits to Metasploit modules
  • Learn about concepts like Vanilla EIP Overwrite, Egg hunting, SEH overwrite, ROP chains etc.
  • Learn to use various exploit development tools like debuggers, mona extension etc.

Who should attend this course?

  • Pentesters
  • Network/system administrators
  • Reverse engineers
  • Malware analysts
  • Security enthusiasts
  • Anyone interested in exploit development.

What are the Prerequisites?

  • Working knowledge of Windows and Linux Operating Systems
  • Knowledge in scripting languages like Python, Perl or Ruby
  • Comfortable with command-line utilities
  • Basics of Assembly language

Why take this course?

  • Do you want to learn how to read and understand existing exploits?
  • Do you need to successfully modify an existing exploit?
  • Do you want to write reliable exploits and port them into Metasploit modules?
  • Do you want to know how shellcode works?
  • Do you need to understand the basic concepts of exploit writing?
  • Are you willing to dig deeper into shellcode and debuggers?
  • Then this course is for you!

What are the requirements?

  • Nothing much; knowledge of any scripting language like Python will be helpful.
  • Basic knowledge of assembly is good but not a necessity.

What am I going to get from this course?

  • Learn how exploits work
  • Bypass memory protections
  • Make exploits reliable
  • Scenario based Exploit Development
  • Port Exploits into Metasploit modules

What is the target audience?

  • This course is meant for people who are interested in Exploit Development

Curriculum

Section 1: Basics
13:14

A buffer overflow occurs when more data is written to a buffer than it can hold. If a memory pointer is overwritten as a result, this may lead to the execution of arbitrary code. It is like a cup that is already full of coffee: when we try to fill it again, it overflows, and the spilled coffee lands somewhere and causes unexpected results. Buffer overflows can occur on the stack, on the heap, and elsewhere, resulting in the overwriting of pointers. This video explains what a buffer overflow is and how it can be exploited.

Section 2: Exploiting Buffer Overflows
Vanilla EIP Overwrite
13:54
Exploiting Vanilla EIP Overwrite
10:11
09:11

Depending on the protocols and file formats you deal with, certain characters can break your shellcode. This video lecture will teach you to detect and eliminate bad characters that break your exploit.

21:46
This lecture will explain how to exploit Structured Exception Handlers (SEH)
Section 3: Exploit Development with Mona.py
Mona.py - The Exploit Writer's Swiss Army Knife
20:04
Mona.py - Continuation
14:06
15:42
Learn how to convert your exploits into Metasploit Modules
Section 4: Advanced Exploit Development in Windows
Unicode Based Exploit Development Introduction
20:42
Unicode Based Exploit Development Continuation
16:55
Unicode Based Exploit Development Final Thoughts
19:32
Egg Hunter Basics
12:51
Writing an Exploit using Egg Hunter
16:59
Data Execution Prevention (DEP) Basics
17:59
Bypassing Data Execution Prevention (DEP) using ROP Chains
16:55

Instructor Biography

Ajin Abraham, Security Researcher

Ajin Abraham is an Application Security Engineer by profession with 5+ years of experience in Application Security, including 2 years of Security Research. He is passionate about developing new and unique security tools rather than depending on pre-existing tools that never work. Some of his contributions to the hacker's arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Xenotix xBOT, MalBoxie, Firefox Add-on Exploit Suite, Static DOM XSS Scanner and NodeJsScan, to name a few.

He has been invited to speak at multiple security conferences including ClubHack, NULLCON, OWASP AppSec AsiaPac, BlackHat Europe, Hackmiami, Confidence, BlackHat US, BlackHat Asia, ToorCon, Ground Zero Summit, Hack In the Box and c0c0n.
