Training
Introduction to Exploit Development
Training Overview
The "Introduction to Exploit Development" training covers the process and techniques of developing exploits by leveraging software vulnerabilities. Starting from basic concepts, the course addresses common security vulnerabilities such as buffer overflows and format string vulnerabilities and details how to exploit these vulnerabilities. Additionally, it focuses on the use of exploit development tools and how to bypass defense mechanisms.
What You Will Learn
- The fundamentals of memory corruption, focusing on buffer overflows.
- How to create patterns and find the exact offset to overwrite the EIP register.
- How to identify and handle 'bad characters' that can break shellcode.
- The process of analyzing and writing a basic buffer overflow exploit for a Linux application.
Who is this for?
- Aspiring Exploit Developers.
- Advanced Penetration Testers wanting to move beyond automated tools.
- Security Researchers interested in vulnerability analysis.
Prerequisites
- A strong understanding of computer architecture and memory.
- Proficiency in a low-level language like C or C++.
- Familiarity with Assembly language and debuggers.
Tools You Will Use
- A debugger (e.g., GDB on Linux)
- A hex editor
- Python or another scripting language for exploit writing
Training Sections
- Introduction
- Buffer Overflow
- Buffer Overflow Tespiti
- Creating a Pattern and Finding the Offset
- Badchars
- HexEdit
- Linux Buffer Overflow - Analysis
- Linux Buffer Overflow - Exploitation
- Exam