Null offensive hacking hands-on training.
Proposed sessions for this event:
- Exploit Development by Manish
Workshop on Exploit Development
Introduction to Exploit Development
- Understanding the fundamentals of exploit development
- The importance of security research and responsible disclosure
Basic of Windows and Linux Concepts
- Overview of Windows and Linux operating systems
- Memory management and process architecture
- Understanding assembly language (x86 and x64)
Fuzzing and Crash Analysis
- Introduction to fuzzing and its importance in exploit development
- Setting up a basic fuzzing environment
- Analyzing crash dumps and identifying potential vulnerabilities
Finding Offset and Overwriting EIP
- Understanding the concept of EIP (Extended Instruction Pointer)
- Locating the offset to control EIP
- Overwriting EIP with a controlled value
Finding Bad Characters
- Identifying and dealing with bad characters in shellcode
- Creating a custom character set to avoid bad characters
Stack-based Buffer Overflow
- Introduction to stack-based buffer overflow vulnerabilities
- Identifying vulnerable applications
- Crafting and sending exploit
Introduction to Egg Hunting
- Understanding the need for egg hunting in exploit development
- Implementing and integrating an Egghunter
Return-Oriented Programming (ROP)
- Understanding ROP gadgets and their role in evading exploit defenses
- Developing a ROP-based exploit
Conclusion and Next Steps
- Recap of key concepts and techniques learned
- Guidance on further resources and opportunities for advanced exploit development
Hardware requirements:
- System with admin rights and VT-x enabled
- Minimum 4GB RAM and 200 GB Hard-Disk space
- Bring Your Own Internet
Software requirements:
- VMWare Workstation/Player:
- VMWare Player: VM Ware Player
- Windows VM : Download (Use 7zip to extract VM files)
- Linux VM: download (Use 7zip to extract VM files)
- Challenges (will be uploaded by August 9th):
Prior Knowledge:
- Understanding of python
- Basic Understanding of Assembly Language
- Good to have - Windows and Linux internals
Let's get started! If you have any questions during the workshop, feel free to ask the instructor for assistance.
Date | Saturday August 12 2023 |
---|---|
Chapter | Bangalore |
Registrations | 30 |
Max Registrations | 30 |
Event Type | Invite Only |
Start Time | 09:30 AM |
End Time | 04:00 PM |
Session Schedule
Name | Speaker | Start Time | End Time | Resources |
---|---|---|---|---|
Exploit Development | Manish | 09:30 AM | 04:00 PM |
Venue
This is an invite only event. If you are selected you will receive further information via e-mail.