Title: Hack to Basics - x86 Windows Based Buffer Overflows, an introduction to buffer overflows
Instructor: Dino Covotsos
Abstract: Want to learn about exploit development but feeling overwhelmed at all the latest technologies and buzzwords?
Hack to basics is a course which will provide you with foundational level exploit development skills with real world exploitation techniques. This will range from “Vanilla” EIP overwrites through to Structured Exception Handler(SEH) exploitation and how egg hunters work with practical examples.
By the end of the course, Students can expect to know the basics of x86 assembly, including some real world examples of exploiting vanilla EIP overwrites, SEH exploitation and using egg hunters. This will provide an entry to the world of exploit development and a strong foundation to work off in order to make it easier to transition to the newer, more advanced technologies which are in place today.
To get the most out of this training, the following should be studied beforehand:
FuzzySecurity:
http://www.fuzzysecurity.com/tutorials/expDev/1.html
http://www.fuzzysecurity.com/tutorials/expDev/2.html
http://www.fuzzysecurity.com/tutorials/expDev/3.html
http://www.fuzzysecurity.com/tutorials/expDev/4.html
Corelan:
https://www.corelan.be/index.php/200...sed-overflows/
https://www.corelan.be/index.php/200...torial-part-2/
https://www.corelan.be/index.php/200...al-part-3-seh/
We will be using Python to construct our exploits, combined with a debugger such as Immunity or OllyDBG, it it is recommended to be familiar with both.
Level: Intermediate/Advanced
Pre-Requisites: Basic experience in assembly and a debugger, preferably Immunity or Olly.
2-3 years of penetration testing experience would be beneficial.
Experience in Kali linux, as this will be used as the primary operating system.
Required Materials: Laptops with the following specs or greater:
Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz (or AMD equivalent)
8GB RAM
Kali Linux installed (x86 is fine)
Wireless Network Adapter + Ethernet Adapter
Virtualbox or equivalent installed
Instructor: Dino Covotsos
Abstract: Want to learn about exploit development but feeling overwhelmed at all the latest technologies and buzzwords?
Hack to basics is a course which will provide you with foundational level exploit development skills with real world exploitation techniques. This will range from “Vanilla” EIP overwrites through to Structured Exception Handler(SEH) exploitation and how egg hunters work with practical examples.
By the end of the course, Students can expect to know the basics of x86 assembly, including some real world examples of exploiting vanilla EIP overwrites, SEH exploitation and using egg hunters. This will provide an entry to the world of exploit development and a strong foundation to work off in order to make it easier to transition to the newer, more advanced technologies which are in place today.
To get the most out of this training, the following should be studied beforehand:
FuzzySecurity:
http://www.fuzzysecurity.com/tutorials/expDev/1.html
http://www.fuzzysecurity.com/tutorials/expDev/2.html
http://www.fuzzysecurity.com/tutorials/expDev/3.html
http://www.fuzzysecurity.com/tutorials/expDev/4.html
Corelan:
https://www.corelan.be/index.php/200...sed-overflows/
https://www.corelan.be/index.php/200...torial-part-2/
https://www.corelan.be/index.php/200...al-part-3-seh/
We will be using Python to construct our exploits, combined with a debugger such as Immunity or OllyDBG, it it is recommended to be familiar with both.
Level: Intermediate/Advanced
Pre-Requisites: Basic experience in assembly and a debugger, preferably Immunity or Olly.
2-3 years of penetration testing experience would be beneficial.
Experience in Kali linux, as this will be used as the primary operating system.
Required Materials: Laptops with the following specs or greater:
Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz (or AMD equivalent)
8GB RAM
Kali Linux installed (x86 is fine)
Wireless Network Adapter + Ethernet Adapter
Virtualbox or equivalent installed
Comment