Advanced Exploit Lab Training Program

As companies are getting more and more conscious of having their internal programs binary audited and reverse engineered, penetration testers are required to spot vulnerabilities in compiled code and test their impact by writing custom exploits for these vulnerabilities. The Exploit Laboratory takes the hacker's approach in demonstrating how seemingly trivial errors and vulnerabilities can be exploited with astonishing results. The fact that an exploit is not publicly available on sites such as Security Focus doesn't mean that the vulnerability cannot be, or is not being, exploited. The Exploit Laboratory Training program begins with an introduction to vulnerabilities in binary code and goes through a systematic process of debugging, reverse engineering and writing a working exploit for these vulnerabilities.

Course Outline

  1. Introduction to Vulnerabilities
  2. The CPU's Registers
  3. The Process memory map
  4. Stack Overflows in Linux
  5. Stack Overflows in Win32
  6. Getting control of the Instruction Pointer
  7. Advances in shellcode techniques
  8. Overwriting Exception Handlers
  9. Heap Overflows in Linux
  10. Heap Overflows in Win32
  11. Format String bugs
  12. Stack Overflows in Win32
  13. Getting control of the Instruction Pointer
  14. Advances in shellcode techniques