The courses below were all published in 2015 or earlier. While we stand by pubishing them then, we’ve grown so much since. We recognize that these workshops don’t exactly meet our standards, as we understand them today.
All classes are available within our premium membership, and have adjusted CPE awards to reflect their respective contents. If you join, please keep in mind that some of the information inside might be outdated or not relevant. We’ll be adding notes at the beginning of each course to let you know what’s worth checking out in each!
The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription
Welcome to the “Mona.py and exploit development on the edge” workshop. We presented exploit development with Metasploit in last month workshop; however, in this workshop, you will only work with Mona.py and Immunity Debugger to perform exploit development. In reality, Mona.py is a plugin to Immunity debugger so we can say that we will only be using Immunity Debugger as our tool. Surprised? You don’t have to, as Mona.py will do the exploit development job for you. The whole purpose of this workshop is utilizing the best out of Mona.py.
Certificate of completion, no CPE credits
- Sound Knowledge of TCP/IP protocols
- Basic knowledge of Metasploit framework
- Prior hands-on experience with Immunity Debugger
- Understanding of the core concepts in information security and exploits more on how exploits works
What will be covered
In this workshop, we will cover exploit development lifecycle practically. We will focus on utilizing Immunity Debugger and Mona.py to achieve our goal.
What you will learn
This workshop will teach you how to start from the beginning until you are able to code your exploit. You will get to know more about Mona.py and how it makes your life easy in exploit development.
The course is self-paced – you can visit the training whenever you want and your content will be there.
- Once you’re in, you keep access forever, even when you finish the course.
There are no deadlines, except for the ones you set for yourself.
Module 1: SET UP YOUR OWN LAB
- Basic Knowledge
- Setup Exploit Development Environment
- Installing Windows XP on Virtual Box
- Exploit Coding
Module 2: UNDERSTANDING METASPLOIT AND MONA.PY
- Metasploit Exploit Development
- Fuzzing and Controlling
- Mona.py & Exploit Development
- Mona.py Usage
- Bytearray & bad chars
- Comparison of Metasploit & Mona.py Exploit Development
Module 3: REVERSE ENGINEERING REMOTE EXPLOITS AND WRITING OUR OWN CODE
- Downloading the vulnerable Application
- Logging into exploit development lab
- Your Task
Module 4: EXPLORING MONA.PY FEATURES
- Offset Detection
- Dumping Memory content
- Egg Hunting
- Finding Cyclic Pattern (findmsp)
Module 5: USING MONA.PY WITH DEBUGGERS TO WRITE QUICK EXPLOITS
- Quick Fuzzing
- Exploit Module for PCMan’s FTP Server
- Exploit Development on the Edge for Sami FTP Server
- Sami FTP Server Exploit Module
- Workshop eBook