The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription
In the field of ethical hacking or penetration testing, exploit development forms the core of these fields however not every hacker or a security professional is sound in exploit development.
What usually happen, a security professional and so-called hackers use the exploits, which are developed by the security researchers and available on the Internet and are just the Google search away.
Certificate of completion, 1 CPE credit
Exploit development requires the thorough understanding of assembly language and how it works on different platforms and different operating systems.
You also need to be a good programmer or at minimum you understand the programming logics and can write your own code in any of object-oriented programming languages.
Exploiting software required hands-on on different tools and techniques and for our workshop we will focus on how to write exploits with Metasploit Framework, Immunity Debugger and its wonderful plugin called “Mona.py” so in summary you need to have better understanding of the following:
Assembly Language Concepts
One Object-Oriented Programming Language Concepts
Immunity Debugger and “Mona.py”
Fuzzers and Fuzzing
Understanding the Basics
To let you concentrate on the exploit development we will try to cover the pre-requisites within our workshop but to the level we feel that you should be comfortable with the concepts so that you don’t need to waste your time in hitting searches on these topics.
The course is self-paced – you can visit the training whenever you want and your content will be there.
- Once you’re in, you keep access forever, even when you finish the course.
There are no deadlines, except for the ones you set for yourself.
MODULE 1: UNDERSTANDING THE BASIC TECHNIQUES
- Assembly Language Concepts
- Buffer Overflows
- Immunity Debugger & Mona.py
- Fuzzers and Fuzzing
- Metasploit Framework
MODULE 2: SETTING UP THE LAB ENVIRONMENT
- Lab Setup
- Downloading & Installing Virtual Box
- Installing Windows XP as Virtual Machine
- Downloading Vulnerable Application from Exploit-DB
- Downloading and Installing Immunity Debugger
- Metasploit Framework (pre-installed with Kali)
- Lab IP Addressing
MODULE 3: BASIC SKELETON OF AN EXPLOIT
- Shellcode or Payload
- The Example Code
- Metasploit Exploits Skeleton
- Core Architecture of Metasploit Exploit Module
MODULE 4: FINDING VULNERABILITY IN APPLICATION (PRACTICE DEMO)
- Exploit Development Lifecycle
- Analyzing Application
- Discovering Bugs
MODULE 5: WRITING THE EXPLOIT FOR THE DISCOVERED VULNERABILITY
- Finding Pointers
- Calculating Space
- Controlling EIP
If you have any questions about the course or the syllabus, please contact Marta Sienicka at [email protected]