A penetration tester who only knows how to use tools written by others is limited to old techniques. Learning to develop your own exploits will make you much more powerful. Python is the favorite choice for penetration testers because it combines simplicity and ease of use with advanced features.
This video course starts with high-level code injection, the simplest sort of exploit. It then explains binary exploits that allow you to skip past unwanted code, such as the password or product key tests, and add Trojan code. You will perform the exploit development process: finding a vulnerability, analyzing a crash in a debugger, creating a crafted attack, and achieving remote code execution on Windows and Linux. You will use the gdb debugger to analyze Linux executables and Python code to exploit them. On Windows, you’ll use the Immunity debugger and Python.
About the Author
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEFCON, HOPE, B-Sides SF, B-Sides LV, BayThreat, LayerOne, Toorcon, and many other schools and conferences. Credentials: PhD, CISSP, DEF CON Black-Badge Co-Winner
Who this course is for:
- This course is intended for security professionals who want to create binary exploits with Python and explore the world of exploit development.
- Basic Knowledge of Python.
- This course uses a demonstration-and-challenge approach which guides students from passive observation to practical implementation of binary exploit at development techniques.
What you’ll learn
- Remove unwanted code such as the password or product key tests, and add Trojan code
- Analyze simple Windows executable files and modify them using the Immunity Debugger
- Write Python Scripts to perform exploits
- Analyze simple Linux executable files and modify them using the gdb debugger
Note: Comment below if you find any link dead or getting problem in downloading files.
You May Also Like