Exploit Development/Wintel Platform - Workshop eBook

Download
File
Hakin9 ExDevWintelPlatform

In the field of ethical hacking, or penetration testing, exploit development forms the core of these fields, however, not every hacker or security professional is sound in exploit development. What usually happens is security professionals and so-called hackers use the exploits, which are developed by the security researchers and available on the Internet and are just a Google search away.

This e-book contains text materials from the course.

 

INSIDE

Module 1 – understanding the basic techniques

    • Introduction


    • Prerequisites


    • Understanding the Basics

        • Assembly Language Concepts

            • The Data Section


            • The bss section


            • The text section


            •  Assembly Statements


            • Syntax of assembly statements


            • Assembly Registers



        • Object oriented Programming Language


        • Buffer Overflows


        • Immunity Debugger & Mona.py


        • Fuzzers and Fuzzing


        • Metasploit Framework


        • Exploit Development Life Cycle



Module 2 – Setting up the Lab Environment

    •  Introduction


    • Lab Setup

        • Step 1: Downloading & Installing Virtual Box


        • Step 2: Installing Windows XP as Virtual Machine


        • Step 3: Downloading Vulnerable Application from Exploit-DB


        • Step 4: Downloading and Installing Immunity Debugger


        • Step 5: Metasploit Framework (pre-installed with Kali)


        • Step 6: Lab IP Addressing



Module 3 – Basic Skeleton of an Exploit Introduction

    • Knowledge Base


    • Shellcode or Payload


    • Vulnerability


    • Zero-day


    • The Example Code

        • Manual Exploit Coding


        • Metasploit Exploits Skeleton



    • Benefits of Automation in Exploit Development


    • Core Architecture of Metasploit Exploit Module

        • Initialization


        • Exploit



    • Summary


Module 4 – Finding Vulnerability in Application (practice demo)

    • Basic Requirements


    • Exploit Development Lifecycle

        • Analyzing Application


        • Fuzzing


        • Discovering Bugs



Module 5 – Writing the Exploit for the Discovered Vulnerability

    • Finding Pointers


    • Calculating Space


    • Controlling EIP


    • Writing PoC



Download
File
Hakin9 ExDevWintelPlatform

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013