Advanced Exploitation Techniques (W16)

$59.00

Out of stock

The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription


 Overview


 

In today’s world of information security wars, it is important, or we can say mandatory, for security professionals to gain more advanced knowledge and keep their knowledge up to date. They should also have thorough hands on experience so they can protect their enterprise’s information for which they are hired. It’s not for beginners as we expect that you already have a basic understanding of concepts presented in this course. Keep in mind that this course is presented solely for educational purposes and not for any unethical act or any type of cyber crime.

This workshop is not designed from scratch, however, if you are a newbie and don’t know much on how to setup your home environment for practicing hacking skills, don’t worry, the last module is dedicated to newbies where you can learn how to setup your home lab and what additional knowledge you need to progress in cyber security and ethical hacking.


You should know


 

We expect that students have prior knowledge in at least the following core requirements of the course:

    • Understands concepts of TCP/IP


    • Core concepts of assembly language


    • Working experience with FTP Servers


    • Understanding of applications like FTP


    • Beginner level experience with Kali Linux


    • Hands on programming experience with at least one object oriented programming language or at least understands the concepts



You will learn


 

While studying this course you would be learning how to discover vulnerabilities and write a working exploit. You will also learn about egg hunters; how they work and why we need them. You will also gain knowledge on types of shellcode and what they are designed for.  At the minimum, you will learn a handful of skills and techniques to start your career into security research where you can work to discover vulnerabilities in Windows based applications working on TCP/IP. The best part of the course is that you will learn step-by-step techniques to perform vulnerability research and then start coding a working exploit for the discovered vulnerability.


Who should take this course?


 

This would be a good start for people who have networking knowledge and have some concepts of information security but don’t have any experience in ethical hacking or penetration testing. It will also be an attractive course for new graduates who have programming knowledge and want to jump into exploit development.


Key Audience

    • System Administrators


    • Network Administrators


    • Information Security Officers


    • Computer Programmers


    • New Graduates


    • Newbies who want to learn hacking



What Students should bring


 

    • Internet connection


    • One PC that can run 2-3 Virtual Machines


 


Course format


    • The course is self-paced – you can visit the training whenever you want and your content will be there.


    • Once you’re in, you keep access forever, even when you finish the course.


    • There are no deadlines, except for the ones you set for yourself.



Syllabus


Module 1   

Deep diving into Buffer Overflows 


 

    • Tutorial 1 – Hello World, let’s fuzzing


    • Exercise 1 – Hacking FTP Server


    • Exercise 2 – Coding working exploit



Module 2 

Understanding Egg Hunting


 

    • Tutorial 1 – Hello World, let’s hunting with Eggs!


    • Tutorial 2  – Implementing Egg hunters


    • Exercise 1 – Mona.py & Egg hunters



Module 3 

Walkthrough of Egg hunting with known Vulnerability

    • Tutorial 1 – Boiling the egg


    • Exercise 1 – Mixing Egg hunter



Module 4 

Case Studies on Advanced Exploiting Techniques


 

    • Tutorial 1 – Hello World, some history


    • Case Study – PCManFTPD


    • Case Study – Meterpreter & PCManFTPD Vulnerability


    • Case Study –  Exploit Development & Metasploit


    • Exercise 1 – Find the rabbit’s foot



Module 5 

What you should know best to Advance your Hacking Skills


    • Tutorial 1 – Required Infrastructure


    • Summary



Module 6 

Workshop eBook 


Instructor

Raheel Ahmad is an information security professional and an experienced instructor and penetration tester with a computer graduate degree and has 10 years of professional experience while working for Big4 and boutique consulting companies. He holds  many industry recognized certifications, including CISSP, CEH, CEI, MCP, MCT, CobIT, and CRISC.

Raheel is a founder of 26SecureLabs, a management consulting company based in Auckland, New Zealand. 26SecureLabs provides ethical hacking and penetration testing services as its core business.

Best way to reach [email protected]

All the study material, concepts, contents and the ethical hacking tricks or techniques presented in this course are solely for educational purposes and must not be used for illegal activities or any computer related crime  – Raheel Ahmad, CISSP, CEH

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013