The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription

Course archive

The courses below were all published in 2015 or earlier. While we stand by pubishing them then, we’ve grown so much since. We recognize that these workshops don’t exactly meet our standards, as we understand them today. 

All classes are available within our premium membership, and have adjusted CPE awards to reflect their respective contents. If you join, please keep in mind that some of the information inside might be outdated or not relevant. We’ll be adding notes at the beginning of each course to let you know what’s worth checking out in each! 


The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription


 

Welcome to the “Mona.py and exploit development on the edge” workshop. We presented exploit development with Metasploit in last month workshop; however, in this workshop, you will only work with Mona.py and Immunity Debugger to perform exploit development. In reality, Mona.py is a plugin to Immunity debugger so we can say that we will only be using Immunity Debugger as our tool. Surprised? You don’t have to, as Mona.py will do the exploit development job for you. The whole purpose of this workshop is utilizing the best out of Mona.py.

Certificate of completion, no CPE credits


Pre-requisites 

    • Sound Knowledge of TCP/IP protocols
    • Basic knowledge of Metasploit framework
    • Prior hands-on experience with Immunity Debugger
    • Understanding of the core concepts in information security and exploits more on how exploits works

What will be covered

In this workshop, we will cover exploit development lifecycle practically. We will focus on utilizing Immunity Debugger and Mona.py to achieve our goal.


What you will learn

This workshop will teach you how to start from the beginning until you are able to code your exploit. You will get to know more about Mona.py and how it makes your life easy in exploit development.


Course format

    • The course is self-paced – you can visit the training whenever you want and your content will be there.

    • Once you’re in, you keep access forever, even when you finish the course. 
    • There are no deadlines, except for the ones you set for yourself. 


SYLLABUS


Module 1: SET UP YOUR OWN LAB 

    • Basic Knowledge
    • Setup Exploit Development Environment
    • Installing Windows XP on Virtual Box
    • Exploit Coding

Module 2: UNDERSTANDING METASPLOIT AND MONA.PY 

    • Metasploit Exploit Development
    • Fuzzing and Controlling
    • Mona.py & Exploit Development
    • Mona.py Usage
    • Bytearray & bad chars
    • Comparison of Metasploit & Mona.py Exploit Development 

Module 3: REVERSE ENGINEERING REMOTE EXPLOITS AND WRITING OUR OWN CODE 

    • Downloading the vulnerable Application
    • Logging into exploit development lab
    • Your Task

Module 4: EXPLORING MONA.PY FEATURES 

    • Offset Detection
    • Dumping Memory content
    • Egg Hunting
    • Finding Cyclic Pattern (findmsp)
    • Suggest

Module 5: USING MONA.PY WITH DEBUGGERS TO WRITE QUICK EXPLOITS 

    • Exploit Development on the Edge for PCMan’s FTP Server
    • Quick Fuzzing
    • Exploit Module for PCMan’s FTP Server
    • Exploit Development on the Edge for Sami FTP Server
    • Sami FTP Server Exploit Module

Module 6

    • Workshop eBook

Course Reviews

N.A

ratings
  • 5 stars0
  • 4 stars0
  • 3 stars0
  • 2 stars0
  • 1 stars0

No Reviews found for this course.

TAKE THIS COURSE
  • Premium Subscription Only
  • UNLIMITED ACCESS
  • Course Certificate
896 STUDENTS ENROLLED

Who’s Online

Profile picture of Marta Sienicka

Certificate Code

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013