4Mona.py and Exploit Development on the Edge (W7)


1 item sold

Out of stock

The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription

Welcome to the “Mona.py and exploit development on the edge” workshop. We presented exploit development with Metasploit in last month workshop; however, in this workshop, you will only work with Mona.py and Immunity Debugger to perform exploit development. In reality, Mona.py is a plugin to Immunity debugger so we can say that we will only be using Immunity Debugger as our tool. Surprised? You don’t have to, as Mona.py will do the exploit development job for you. The whole purpose of this workshop is utilizing the best out of Mona.py.


    • Sound Knowledge of TCP/IP protocols

    • Basic knowledge of Metasploit framework

    • Prior hands-on experience with Immunity Debugger

    • Understanding of the core concepts in information security and exploits more on how exploits works

What will be covered

In this workshop, we will cover exploit development lifecycle practically. We will focus on utilizing Immunity Debugger and Mona.py to achieve our goal.

What you will learn

This workshop will teach you how to start from the beginning until you are able to code your exploit. You will get to know more about Mona.py and how it makes your life easy in exploit development.

Course format

    • The course is self-paced – you can visit the training whenever you want and your content will be there.

    • Once you’re in, you keep access forever, even when you finish the course.

    • There are no deadlines, except for the ones you set for yourself.


Module 1 

    • Setup your own lab

        • Basic Knowledge

        • Setup Exploit Development Environment

        • Installing Windows XP on Virtual Box

        • Exploit Coding

Module 2 

    • Understanding Metasploit and Mona.py

        • Metasploit Exploit Development

        • Fuzzing and Controlling

        • Mona.py & Exploit Development

        • Mona.py Usage

        • Bytearray & bad chars

        • Comparison of Metasploit & Mona.py Exploit Development

Module 3 

    • Reverse Engineering Remote Exploits and writing our own code

        • Downloading the vulnerable Application

        • Logging into exploit development lab

        • Your Task 

Module 4 

    • Exploring Mona.py Features

        • Offset Detection

        • Dumping Memory content

        • Egg Hunting

        • Finding Cyclic Pattern (findmsp)

        • Suggest

Module 5 

    • Using Mona.py with Debuggers to write quick exploits

        • Exploit Development on the Edge for PCMan’s FTP Server

        • Quick Fuzzing

        • Exploit Module for PCMan’s FTP Server

        • Exploit Development on the Edge for Sami FTP Server

        • Sami FTP Server Exploit Module

Module 6

    • Workshop eBook

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013