Training Session Part 10 – Practical Reversing V – Exploit Development Basics

Here is the quick update from our this month’s Local Security meet (sx/null/g4h/owasp) where Harsimran/Amit had delivered a splendid session on ‘Practical Reversing V  –  Exploit Development Basics’. This is part of our ongoing FREE ‘Reversing & Malware Analysis Training’ started since our Jan 2012 meet.



 

Harsimran was supposed to deliver this presentation. However he could not due to some personal work at his end. But he managed to put up really good presentation in time and then Amit pitched in to deliver it in style.  In this session, he covered the basics of Exploit Development using demonstration of EIP Overwrite and SEH Exploitation. Due to nature of high technicality, this was one of the most difficult session to deliver and he did pretty good job.

Another good news is that now we have really nice and big conference venue (thanks to null crew and ThoughtWorks). And once again we had witnessed great audience with more than 50 people turning up.


This presentation is already on our Security Presentations page. For those who could not attend this offline session, it also includes Demonstration Video 1 & Demonstration Video 2. Video is not visible on live presentation (issues with slideshare). So you need to download it offline to view the embedded video in presentation.


Special Thanks to Harsimran/Amit for finishing up the tough job in style and turning it into a great interactive session !

Our next session will be on ‘Practical Reversing VI – Exploit Development Advanced’ where Amit will be covering some of advanced stuff involved in Exploit Development along with various protection mechanisms.


So stay tuned to our next meet for yet another exciting session.


Similar posts
  • Code Injection and API Hooking Techni... Hooking covers a range of techniques used for many purposes like debugging, monitoring, intercepting messages, extending functionality etc. Hooking is also used by a lot of rootkits to camouflage themselves on the system. Rootkits use various hooking techniques when they have to hide a process, hide a network port, redirect file writes to some different [...]
  • Advanced Malware Analysis Training Se... Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 2) Dissecting the HeartBeat  RAT Functionalities   This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting various Communications Of HeartBeat [...]
  • Advanced Malware Analysis Training Se...   Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 1) Reversing & Decrypting Communications of HeartBeat RAT This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting The [...]
  • Detailed Overview and Internals of PE... A win32 portable executable(PE) file consists of: DOS Header, PE Header, Section Table, Sections. Analyzing a PE file gives us a lot of information like the address in memory where the file will be located (ImageBase), address of entry point, imported and exported functions, packed or unpacked etc. Thus this static analysis can indicate whether [...]
  • SEH Exploitation to Get Shell Access   Structured Exception Handling is a mechanism for handling both hardware and software exceptions in Windows OS. Structured exception handling enables us to have complete control over the handling of exceptions and it also provides support for debuggers as well. SEH exploitation is based on stack buffer overflow technique. It becomes easy to exploit a [...]

Leave a Reply

Our Company

Follow us on Facebook


Join Mailing List

Get direct access to our expert trainers or mingle with like minded security folks in our mailing list