ＨｉｄｅＺｅｒｏＯｎｅ

Android Userland & Kernel Fuzzing and Exploitation Step into the realm of comprehensive Android security with our integrated “Android Userland and Kernel Fuzzing and Exploitation” course. Designed for both novices and seasoned professionals, this course offers an extensive curriculum that covers the spectrum of Android vulnerabilities and their exploitation.

Starting with the Userland component, learners will grasp how to detect bugs in Android Userland Applications and exploit memory corruptions. The course provides a deep understanding of ARM assembly, reverse engineering, and the development of robust exploits, bypassing exploit mitigations like NX and ASLR. With 43 labs across 9 modules, students will employ advanced fuzzing techniques to pinpoint exploitable vulnerabilities.

The journey continues as we pivot to the Android kernel on the second day, where the intricacies of kernel internals, such as memory allocators and driver programming, are unraveled. Students will learn to discover bugs using kernel fuzzing techniques, including the use of sanitizers and Syzkaller. The course will guide attendees through the construction of kernel exploits crucial for sandbox escape, examining real-world vulnerabilities and the art of kernel debugging.

In Certified Ethical Hacker Elite Course You will understand how to use open-source intelligence to your advantage. Further, you will discover how to analyze and interpret network protocols and leverage Wireshark. Moving ahead, you will learn how to perform ethical hacking using Nmap. You will also learn how to perform information gathering and enumeration of Windows-specific services with Nmap and OpenVAS. You will then understand how hackers use session hijacking to attack an organization and the techniques to prevent it.

Syllabus

Open Source Intelligence
Wireshark for Ethical Hackers
Ethical Hacking with Nmap
Windows Penetration Testing Essentials
Session Hijacking and Prevention Techniques
Power of Next Generation Firewalls
OWASP Top 10 Security Fundamentals
Burp Suite: Web Application Penetration Testing
Deep Dive into Network Assessments
Applied Secure Smart City

EC-Council – Certified Ethical Hacker Elite

A non-exhaustive set of topics covered include:

• Pentesting Routers
• Attacking SSH with Metasploit, Nmap, Medusa, Hydra, Ncrack
• SNMP attacks
• Bypassing Firewalls
• Payloads and Shells
• HTTP/HTTPS tunneling
• Port Forwaring, Pivoting, Reverse Connects
• Privilege Escalation and UAC bypass
• Hash Dumping and Mimikatz
• Windows Sessions, Stations and Desktops
• Impersonation attacks
• WMIC post exploitation
• Hidden bind shells
• Bitsadmin
• Browser Password Recovery
• PAC Attacks
• DNS Poisoning
• Veil Framework and AV Evasion
• Metasploit Loader 32/64-bit
• DLL Hijacking basics
• DLL Hijacking and Meterpreter
• Privilege Escalation via DLL Hijacking
• DLL Injection using Appinit_DLLs
• Stripping Manifest Files for DLL Hijacking
• Attacking with DLL Forwarding
• Anti-Forensics techniques
• Memory Dumping and Analysis
• … ton of other interesting topics

Pentester Academy – Network Pentesting

Pentester Academy – Web Application Pentesting

This course will cover the basics of using GDB on Linux – x86, x86_64 and ARM based platforms.

Syllabus

Course Introduction and Debugging Basics   

What’s Up With The Symbol Files?

Analyzing Symbols With Nm

System Call Tracing With Strace

Breakpoints, Examining Registers And Memory

Modifying Registers And Memory

GDB Convenience Variables And Calling Routines

Cracking A Simple Binary With Debug Symbols

Disassembling And Cracking A Simple Binary

Conditional Breakpoints Using Variables And Registers

Setting Up Debian Armel In Qemu

Cracking A Simple Program On Arm Architectures

Iphone Application Reversing And Cracking With Gdb

Gdb On 64 Bit Systems