Pwn-X Modern Windows Exploitation

Pwn-X Modern Windows Exploitation

https://www.udemy.com/course/

The Most Up To Date Course on Exploit Development - Learn Exploit Development on Windows 10

新

0.0 (0 ratings)

3 students enrolled

创建者 Himanshu Khokhar Jaat

上次更新 4/2020

英语

你将会学到的

Exploit Development

Exploitation of Memory Corruption Vulnerabilities

Windows 10 Exploitation

Using Egg Hunters

ROP Chaining

DEP Bypass

ASLR Bypass

Unicode based Exploit Development

Bypassing Modern Windows Mitigation

要求

Familiarity with Windows OS

Basics of C/C++ Programming Language

Application Debugging

说明

Pwn-X Modern Windows Exploitation

Overview

Pwn-X Modern Windows Exploitation is a training on Exploit Development on Windows 10. It provides an opportunity to learn from the very basic to advanced techniques in exploit development. During this 3 day training, students will learn the fundamentals of exploit development from simple, direct RET overwrites and SEH based overwrites to Egghunters, Unicode Based Stack Buffer Overflow to Return Oriented Programming to defeat DEP on modern systems as well what are the exploit mitigation techniques used by Windows platform and how to bypass them.

Target Audience

Malware analysts, vulnerability researchers, red/blue teamers, penetration testers, people new to reverse engineering and almost anyone who wants to develop skills to understand how things work under the hood.

Table of Content

This is the list of modules and content of the modules that is covered in the training:

Module 0 – The Essentials

Introduction to the Training

What to Expect?

Setting up the lab

Getting Lab files

Module 1 – Getting Started with Exploit Development

Fundamentals of Buffer Overflow

Controlling EIP

Finding Bad Characters

Filtering Bad Characters

Choosing an appropriate Metasploit encoder

Gaining code execution

Introduction to mona python script

Module 2 – Understanding Windows Exploit Mitigation Techniques

Windows Exploit Mitigation Techniques

Understanding Stack Cookies

Bypassing Stack Cookies

Understanding SafeSEH

Bypassing SafeSEH

Understanding SEHOP

Bypassing SEHOP

Understanding Data Execution Prevention

Bypassing DEP

Understanding ASLR

Bypassing ASLR

Module 3 – Exploiting Structured Exception Handler Mechanism to get Code Execution

Understanding Structured Exception Handler

Corrupting the Structured Exception Handler Chain

Controlling the SEH Chain

Forcing an exception to get EIP control

Bypassing ASLR

Gaining Code Execution

Module 4 – Time for some Egg Hunting

What is an Egg Hunter?

When do you need to hunt for eggs?

Getting your hands dirty with egg-hunting

Finding a place to hold your shellcode

Getting Code Execution

Module 5 – Exploiting Unicode based Buffer Overflows

Understanding Unicode Fundamentals

Introduction to Unicode Transformation under Windows

Unicode Compatible Shellcodes

Venetian Padding to the rescue!

Exploitation of Unicode based Stack buffer overflows

Module 6 – The interesting world of ROP Chains

Quick refresher on DEP

Why do we need ROP?

What about ret2libc?

Introduction to ROP

Generating ROP chains automatically

Fixing broken ROP chains

Getting Shell

Module 7 – Next Steps

What did you learn till now?

Where to go from here?

此课程面向哪些人：

Malware analysts

Vulnerability researchers

Red/Blue Teamers

People new to Exploit Development

Students

CTF Players