This is a comprehensive course on Exploit Development in Windows platform. The course is designed in such a way to help the beginners. It will help you understand the different domains of software exploitation.
The participants will learn about different types and techniques of exploitation, using debuggers to create their own exploits, understand protection mechanism of the Operating Systems and how to bypass them. You will also learn how to write and execute an exploit in the latest Windows operating systems like Windows 7 and 8. This course will be supported by additional reference materials that will help you to understand the concepts and for further reading. The the course content will be updated regularly.
What you will learn?
Who should attend this course?
What are the Prerequisites?
Why take this course ?
Buffer overflow is caused when too much data is inserted into a buffer than it can handle. So this may lead to the execution of arbitrary code if a certain memory pointer is overwritten. It's simply like we got a cup full of coffee and when we tried again to fill it, it overflows and this overflowed coffee falls somewhere and cause an unexpected results. The Buffer Overflows can be caused due to stack overflow, heap overflow etc. resulting in the overwriting of pointers. This video will make you understand what is a Buffer Overflow and how it can be exploited.
Based on the protocols and file formats you deal with, certain characters can break your shellcode. This video lecture will teach you to detect and eliminate bad characters that breaks your exploit.
Ajin Abraham is an Application Security Engineer by profession having 5+ years of experience in Application Security including 2 years of Security Research. He is passionate on developing new and unique security tools than depending on pre existing tools that never work. Some of his contributions to Hacker's arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Xenotix xBOT, MalBoxie, Firefox Add-on Exploit Suite, Static DOM XSS Scanner, NodeJsScan etc to name a few.
He has been invited to speak at multiple security conferences including ClubHack, NULLCON, OWASP AppSec AsiaPac, BlackHat Europe, Hackmiami, Confidence, BlackHat US, BlackHat Asia, ToorCon, Ground Zero Summit, Hack In the Box and c0c0n.