Buying for a Team? Gift This Course
Wishlisted Wishlist

Please confirm that you want to add Windows Exploit Development Megaprimer to your Wishlist.

Add to Wishlist

Windows Exploit Development Megaprimer

Learn how to write reliable exploits.
3.2 (17 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
419 students enrolled
Created by Ajin Abraham
Last updated 10/2014
English
$15 $90 83% off
30-Day Money-Back Guarantee
Includes:
  • 4 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Have a coupon?
Description

This is a comprehensive course on Exploit Development in Windows platform. The course is designed in such a way to help the beginners. It will help you understand the different domains of software exploitation.

The participants will learn about different types and techniques of exploitation, using debuggers to create their own exploits, understand protection mechanism of the Operating Systems and how to bypass them. You will also learn how to write and execute an exploit in the latest Windows operating systems like Windows 7 and 8. This course will be supported by additional reference materials that will help you to understand the concepts and for further reading. The the course content will be updated regularly.


What you will learn?

  • Learn stack based buffer overflow
  • Exploiting buffer overflows
  • Understand and write shellcodes
  • Write exploits for Win32 platform
  • Bypassing various memory protections
  • Making your exploits reliable
  • Write remote and local exploits
  • Converting your exploits to metasploit modules
  • Learn about concepts like Vanilla EIP Overwrite, Egg hunting, SEH overwrite, ROP chains etc.
  • Learn to use various exploit development tools like debuggers, mona extension etc.

Who should attend this course?

  • Pentesters
  • Network/system administrators
  • Reverse engineers
  • Malware analysts
  • Security enthusiasts
  • Anyone interested in exploit development.

What are the Prerequisites?

  • Working knowledge of Windows and Linux Operating Systems
  • Knowledge in scripting languages like Python, Perl or Ruby
  • Comfortable with command-line utilities
  • Basics of Assembly language

Why take this course ?

  • Do you want to learn how to read and understand existing exploits?
  • Do need to successfully modify an existing exploit?.
  • Do you want to write reliable exploits and port them into Metasploit modules?
  • Do you want to know how shellcode works ?
  • Do you need to understand the basic concepts of exploit writing?
  • Are you willing to dig deeper into shellcodes and debugger?
  • Then this course is for you!

Who is the target audience?
  • This course is meant for people who are interested in Exploit Development
Students Who Viewed This Course Also Viewed
What Will I Learn?
Learn how Exploit Works
Bypass memory protections
Make exploits reliable
Scenario based Exploit Development
Port Exploits into Metasploit modules
View Curriculum
Requirements
  • Nothing much, Knowledge in any Scripting language like Python will be helpful.
  • Basic knowledge in assembly is good but not a necessity.
Curriculum For This Course
Expand All 15 Lectures Collapse All 15 Lectures 04:00:01
+
Basics
1 Lecture 13:14

Buffer overflow is caused when too much data is inserted into a buffer than it can handle. So this may lead to the execution of arbitrary code if a certain memory pointer is overwritten. It's simply like we got a cup full of coffee and when we tried again to fill it, it overflows and this overflowed coffee falls somewhere and cause an unexpected results. The Buffer Overflows can be caused due to stack overflow, heap overflow etc. resulting in the overwriting of pointers. This video will make you understand what is a Buffer Overflow and how it can be exploited.

Preview 13:14
+
Exploiting Buffer Overflows
4 Lectures 55:02
Vanilla EIP Overwrite
13:54

Exploiting Vanilla EIP Overwrite
10:11

Based on the protocols and file formats you deal with, certain characters can break your shellcode. This video lecture will teach you to detect and eliminate bad characters that breaks your exploit.

Eliminating Bad Character in your Exploit
09:11

This lecture will explain how to exploit Structured Exception Handlers (SEH)
Exploiting Buffer Overflow : Structured Exception Handler (SEH) Overwrite
21:46
+
Exploit Development with Mona.py
3 Lectures 49:52
Mona.py - The Exploit Writer's Swiss Army Knife
20:04

Mona.py - Continuation
14:06

Learn how to convert your exploits into Metasploit Modules
Preview 15:42
+
Advanced Exploit Development in Windows
7 Lectures 02:01:53
Unicode Based Exploit Development Introduction
20:42

Unicode Based Exploit Development Continuation
16:55

Unicode Based Exploit Development Final Thoughts
19:32

Egg Hunter Basics
12:51

Writing an Exploit using Egg Hunter
16:59

Data Execution Prevention (DEP) Basics
17:59

Bypassing Data Execution Prevention (DEP) using ROP Chains
16:55
About the Instructor
3.9 Average rating
86 Reviews
987 Students
4 Courses
Security Researcher

Ajin Abraham is an Application Security Engineer by profession having 5+ years of experience in Application Security including 2 years of Security Research. He is passionate on developing new and unique security tools than depending on pre existing tools that never work. Some of his contributions to Hacker's arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Xenotix xBOT, MalBoxie, Firefox Add-on Exploit Suite, Static DOM XSS Scanner, NodeJsScan etc to name a few.

He has been invited to speak at multiple security conferences including ClubHack, NULLCON, OWASP AppSec AsiaPac, BlackHat Europe, Hackmiami, Confidence, BlackHat US, BlackHat Asia, ToorCon, Ground Zero Summit, Hack In the Box and c0c0n.


Report Abuse