The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription

The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription


In the field of ethical hacking or penetration testing, exploit development forms the core of these fields however not every hacker or a security professional is sound in exploit development.

What usually happen, a security professional and so-called hackers use the exploits, which are developed by the security researchers and available on the Internet and are just the Google search away.

Certificate of completion, 1 CPE credit


 Pre-requisites

Exploit development requires the thorough understanding of assembly language and how it works on different platforms and different operating systems.

You also need to be a good programmer or at minimum you understand the programming logics and can write your own code in any of object-oriented programming languages.

Exploiting software required hands-on on different tools and techniques and for our workshop we will focus on how to write exploits with Metasploit Framework, Immunity Debugger and its wonderful plugin called “Mona.py” so in summary you need to have better understanding of the following:

    • Assembly Language Concepts

    • One Object-Oriented Programming Language Concepts

    • Buffer overflows

    • Immunity Debugger and “Mona.py”

    • Fuzzers and Fuzzing

    • Metasploit Framework


Understanding the Basics

To let you concentrate on the exploit development we will try to cover the pre-requisites within our workshop but to the level we feel that you should be comfortable with the concepts so that you don’t need to waste your time in hitting searches on these topics.


Course format

    • The course is self-paced – you can visit the training whenever you want and your content will be there.

    • Once you’re in, you keep access forever, even when you finish the course. 
    • There are no deadlines, except for the ones you set for yourself. 


 Syllabus


MODULE 1: UNDERSTANDING THE BASIC TECHNIQUES

    • Assembly Language Concepts
    • Buffer Overflows
    • Immunity Debugger & Mona.py
    • Fuzzers and Fuzzing
    • Metasploit Framework

MODULE 2: SETTING UP THE LAB ENVIRONMENT 

    • Lab Setup
    • Downloading & Installing Virtual Box
    • Installing Windows XP as Virtual Machine
    • Downloading Vulnerable Application from Exploit-DB
    • Downloading and Installing Immunity Debugger
    • Metasploit Framework (pre-installed with Kali)
    • Lab IP Addressing

MODULE 3: BASIC SKELETON OF AN EXPLOIT 

    • Shellcode or Payload
    • The Example Code
    • Metasploit Exploits Skeleton
    • Core Architecture of Metasploit Exploit Module
    • Exploit

MODULE 4: FINDING VULNERABILITY IN APPLICATION (PRACTICE DEMO) 

    • Exploit Development Lifecycle
    • Analyzing Application
    • Fuzzing
    • Discovering Bugs

MODULE 5: WRITING THE EXPLOIT FOR THE DISCOVERED VULNERABILITY

    • Finding Pointers
    • Calculating Space
    • Controlling EIP
    • Writing PoC


MODULE 6 

Workshop eBook


FINAL EXAM


If you have any questions about the course or the syllabus, please contact Marta Sienicka at [email protected]

Course Reviews

N.A

ratings
  • 5 stars0
  • 4 stars0
  • 3 stars0
  • 2 stars0
  • 1 stars0

No Reviews found for this course.

TAKE THIS COURSE
  • Premium Subscription Only
  • UNLIMITED ACCESS
  • Course Certificate
802 STUDENTS ENROLLED

Who’s Online

Profile picture of Ashwin

Certificate Code

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013