Exploit development (under dev)

Our Exploit Development course is meticulously crafted to equip you with the advanced skills required for modern exploit development, focusing on practical, hands-on learning.

We begin with a comprehensive scenario involving the development of an exploit for an older software named Syncbreeze Enterprise. This scenario covers crucial aspects such as exploiting buffer overflows (BoF), bypassing Data Execution Prevention (DEP), and writing Return-Oriented Programming (ROP) chains. You will also learn to use your own developed shellcode stager, utilize ROP to encode and decode shellcode to escape bad characters, and ultimately run the final shellcode to gain a reverse shell. This scenario is particularly beneficial for those preparing for the OSED certification, as it uses the same vulnerable software, providing a solid foundation and understanding.

The course further delves into assembly programming from an exploit developer's perspective, with practical training sessions. Understanding the mathematics behind exploit development is also a key focus, where you'll learn arithmetic operations in assembly. Debugging is another critical skill, and you'll become proficient with WinDbg through hands-on exercises and examples.

Starting with simpler concepts, you'll explore vanilla stack buffer overflows, structured exception handler (SEH) overflows, and techniques to handle limited space using egghunting and jump instructions. Advanced topics include mastering the art of ROP, understanding its concepts, walking through ROP puzzles, and using ROP automatic encoders and decoders. The course also covers shellcoding, teaching you how to write shellcode stagers, bind shellcode, reverse shellcode, and how to encode and decode shellcode with ROP. Additionally, you'll gain skills in easy reverse engineering, bypassing Data Execution Prevention (DEP), and handling Address Space Layout Randomization (ASLR).

Through this course, you will not only learn the technicalities of exploit development but also the practical applications and the skills necessary to excel in this challenging field.