Exploit Development/Wintel Platform - Workshop eBook

Hakin9 ExDevWintelPlatform

In the field of ethical hacking, or penetration testing, exploit development forms the core of these fields, however, not every hacker or security professional is sound in exploit development. What usually happens is security professionals and so-called hackers use the exploits, which are developed by the security researchers and available on the Internet and are just a Google search away.

This e-book contains text materials from the course.



Module 1 – understanding the basic techniques

    • Introduction

    • Prerequisites

    • Understanding the Basics

        • Assembly Language Concepts

            • The Data Section

            • The bss section

            • The text section

            •  Assembly Statements

            • Syntax of assembly statements

            • Assembly Registers

        • Object oriented Programming Language

        • Buffer Overflows

        • Immunity Debugger & Mona.py

        • Fuzzers and Fuzzing

        • Metasploit Framework

        • Exploit Development Life Cycle

Module 2 – Setting up the Lab Environment

    •  Introduction

    • Lab Setup

        • Step 1: Downloading & Installing Virtual Box

        • Step 2: Installing Windows XP as Virtual Machine

        • Step 3: Downloading Vulnerable Application from Exploit-DB

        • Step 4: Downloading and Installing Immunity Debugger

        • Step 5: Metasploit Framework (pre-installed with Kali)

        • Step 6: Lab IP Addressing

Module 3 – Basic Skeleton of an Exploit Introduction

    • Knowledge Base

    • Shellcode or Payload

    • Vulnerability

    • Zero-day

    • The Example Code

        • Manual Exploit Coding

        • Metasploit Exploits Skeleton

    • Benefits of Automation in Exploit Development

    • Core Architecture of Metasploit Exploit Module

        • Initialization

        • Exploit

    • Summary

Module 4 – Finding Vulnerability in Application (practice demo)

    • Basic Requirements

    • Exploit Development Lifecycle

        • Analyzing Application

        • Fuzzing

        • Discovering Bugs

Module 5 – Writing the Exploit for the Discovered Vulnerability

    • Finding Pointers

    • Calculating Space

    • Controlling EIP

    • Writing PoC

Hakin9 ExDevWintelPlatform

Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013