You will learn the exploit development SDLC: fuzz to identify vulnerabilities, crash the application, replicate the crash, overwrite EIP, develop a PoC, weaponize it with shellcode, turn the exploit into a Metasploit module, and simulate a Metasploit (MSF) git pull request. Old and current Windows memory protections will be discussed.

– Exploit Development life cycle
– Bypass current memory protections in Windows 7 i386 software, i.e. SafeSEH/DEP/ASLR
– Fuzzing 101 // Will actually write a Ruby script from scratch
– Shellcode 101 & creation // Will actually write a Ruby script from scratch
– Use of Immunity Debugger for software exploitation on the Wintel i386 architecture
– Control the flow of programs by overwriting EIP and ESP, and filter out bad characters when good shellcode fails // Will actually write a Ruby script from scratch
– Learn how to write intelligent fuzzing scripts in the Ruby language for the FTP protocol // Will actually write a Ruby script from scratch
– Students will actually write their own scripts that take advantage of a known buffer overflow and get both a reverse shell and a bind shell on remote target machines
– Turn the script into a Metasploit module
– Simulate a Metasploit git pull request
I have 9 years of proven experience in defensive security from 2003-2008, and offensive security from 2008-current. I enjoy being part of a dedicated team, but I am also successful working as an independent security/vulnerability/exploit researcher. I stay updated by tracking the latest vulnerabilities and collecting malware in the wild. I verify vulnerabilities by creating, analyzing, and/or running PoC exploit code. I work well with others, and also have an easy-going, bright personality. I enjoy working on tough projects, teaching people, and getting the job done right the first time, even under stressful situations. Avid follower of the PTES framework.