The Advanced Software Exploitation (ASE) course offers security professionals an opportunity to test and develop their skills like never before. During this course, students will learn to identify common vulnerabilities and then use them to develop exploits for a wide range of software applications, including popular Windows applications, interpreted languages, and Web browsers.
In the first half of the course, attendees will use fuzzing, reverse engineering, and source code auditing, to attack a wide variety of applications (e.g. iTunes, Firefox, Vulnserver, etc.) and then use proven exploitation techniques to develop an exploit for one of the VMs (Windows 7, Windows 8.1 and Windows 10).
Then, in the second half of the course, the focus will shift from classic vulnerabilities to more advanced ones. In this section, students will learn how to escape Java sandbox using a type confusion vulnerability, how to circumvent the ASLR without pointer leaks, and how to use precise heap spraying, just to name a few.
By the end of this course, students will know how to find software vulnerabilities using fuzzing, reverse engineering, and source code auditing, and then how to write their own exploits in Python, JavaScript, or Java.
Fundamentals: Intro
Fundamentals: Stack Buffer Overflow
Fundamentals: Structured Exception Handler Overwrite
File Format Fuzzing: Intro
File Format Fuzzing: The Peach Fuzzer
Network Protocol Fuzzing: Vulnerability Discovery
Network Protocol Fuzzing: Exploitation
Attacking Web Browsers: Vulnerability Discovery
Attacking Web Browsers: Exploitation
Practical Patch Diffing
Exploiting vulnerabilities in the Oracle JVM: Vulnerability Discovery
Exploiting vulnerabilities in the Oracle JVM: Exploitation
Advanced Windows exploitation
Conclusion
This intensive three-day course is designed to teach the fundamental investigative techniques needed to respond to today’s cyber threats. The fast-paced course is built upon a series of hands-on labs that highlight the phases of a targeted attack, sources of evidence and principles of analysis. Examples of skills taught include how to conduct rapid triage on a system to determine whether it is compromised, uncover evidence of initial attack vectors, recognize persistence mechanisms and investigate an incident throughout an enterprise. Although the course is focused on analyzing Windows-based systems and servers, the techniques and investigative processes are applicable to all systems and applications. The course includes detailed discussions of common forms of endpoint, network and file-based forensic evidence collection and their limitations as well as how attackers move around in a compromised Windows environment. The course also explores information management that enriches the investigative process and bolsters an enterprise security program. Discussion topics include the containment and remediation of a security incident, and the connection of short-term actions to longer-term strategies that improve organizational resiliency.
Sophisticated attackers frequently go undetected in a victim’s network for an extended period. Attackers can blend their traffic with legitimate traffic that only skilled network analysts know how to detect. This course shows learners how to identify malicious network activity. The course provides an overview of network protocols, network architecture, intrusion detection systems, network traffic capture and traffic analysis. Learners review the types of network monitoring and the tools commonly used to analyze captured network traffic. The course also explores the best techniques for investigating botnets and how to use honeypots in network monitoring. The course includes lectures and hands-on lab sessions to reinforce technical concepts.
Maldev Academy is a comprehensive malware development course that focuses on x64 malware development, providing knowledge from basic to advanced level. The course is primarily designed for individuals in offensive security, but it also caters to beginners who have no prior experience in malware development.
Process Injection
Compile-Time API Hashing
Payload Execution Control
IAT Hiding & Obfuscation
API Hooking
Direct/Indirect Syscalls
PPID Spoofing
Static Evasion
Anti-Debugging Techniques
Entropy Reduction
Detecting Sandboxes
NTDLL Unhooking
Payload Staging
Argument Spoofing
Malware Compilation