Exploit Development Advanced
In this course, students who participated in the introductory course (RT433) will further deepen their knowledge and understanding of exploit research and development .
This comprehensive course is designed to turn the students into high-level security experts. They will learn how to find critical vulnerabilities everywhere in the platforms an exploit them. This training is a must-have knowledge for anyone who aims to work as a professional hands-on performer in the security field. Students will be given practical skills in core subjects of information security, terminology, entering systems, and protecting them and will put great emphasis on hands-on practice.
Duration: 40 Hours
• Penetration testers
• Security professionals and vendors
• Research teams
• Reverse Engineers
• Background in Malware Analysis
• ThinkCyber RT433 Course
• Discovering different levels of vulnerabilities including zero-day vulnerabilities
• Understanding the methods of attacks
• Infrastructure and system defense
• Become familiar with APT and attacks
• Understanding modern security mechanisms
Module 1: Buffer Overflow Attacks
This module will introduce participants to the world of exploit development, explain the basic rules, what needs to be focused, and how to create a neat and professional work process. This module will show the basic techniques of binary exploitation.
- Anatomy of a program in memory Process Memory Organization Memory stack Buffer Overflow Concepts and Definitions Brief on Assembly Registers and Data Organization
- Stack overflow The Stack Variables Environment Variables Overwriting Function Pointers Stored on the Stack Segmentation Fault Error Understand Pointers System instructions and OP Codes Executing ‘\xcc’ Instruction Find Executable Crash-Address Crashing Executables with Programming Allocate Buffer Size Allocate Shellcode Size Stack Common Defense Mechanisms DEP ASLR NX Working with NOP Find JMP Instructions in the Memory Writing POC Code
- Format strings vulnerability Strings Leakage Modify the Execution Flow of Programs Modify Arbitrary Memory Locations Specific Values Assignments Writing Larger Data to the Process Redirecting Execution in a Process
Module 2: Advanced Buffer Overflow Attacks
This module will raise the level of buffer overflow capabilities and present advanced and widely accepted techniques in the world of binary exploitation.
- Heap Overflow Heap Memory Section Heap Structure and Functionality Influence the Code Flow Hijacking in Data Overwrite Heap Pointers Heap Metadata ‘Dlmalloc’ to Change Program Execution
- Advance overflow techniques Converting Strings to Little Endian Integers Convert Binary Integers into ASCII Representation Working with 32-bit Unsigned Integers Remote Blind Format String Remote Heap Overflow Attack Heap Overflows using VEH Heap Overflows using the UEF
Module 3: Linux Executables Exploitation
This module will show the participants how to analyze the misconfigured C-code program to take advantage and write exploitation code to manipulate the system.
- Analyzing C Code Programs SUID Files Permissions Race Conditions Shell Meta-Variables $PATH Weaknesses Scripting Language Weaknesses Binary Compilation Failures Program That Allows Arbitrary Programs to be Executed Manipulating Crontab Instructions Bypassing Restriction Code of File Read Permissions Exploiting Directory Permissions Escape Restricted Shells and Environments Binary Processes Standard Input and Executes a Shell Command Exploit Local Network Services