Pentester Academy
Duration: 15h 7m | Video: h264, 1280x720 | Audio: AAC, 48kHz, 2 Ch | 2.7 GB
Genre: eLearning | Language: English
This course will familiarize students with all aspects of reverse engineering (reversing) Linux 32-bit applications for the purposes of locating flaws and developing exploits. By the end of this course students will be able to understand, locate, and exploit all of the common flaws in 32-bit Linux software. These flaws include, but are not limited to, buffer overflows, heap overflows, format string flaws, section overflows, and kernel flaws. Along the way students will gain a better understanding of how Linux 32-bit applications work and will be exposed to a number of common reversing tools such as specialized debuggers (IDA Pro) and fuzzers. As always, you will also learn how to leverage Python and other scripting tools in order to automate the discovery and exploitation of software flaws.
A non-exhaustive list of topics to be covered includes:
Getting started
Acquiring software
Virtualization
Debuggers
IDA Pro
Freeware Linux debuggers
Scripting tools
Decompilers
Fuzzers
Setting up your testing environment
A little Assembly
Basics of 32-bit Intel Assembly
Calling conventions used by Linux
Stack overflows
Theory
Locating
Calculating offsets
Payload delivery
Exploit techniques
Stack protectors
Heap overflows
Theory
Locating
Payload delivery
Exploit techniques
Format string flaws
Theory
Locating
Payload delivery
Exploit techniques
Section overflows and kernel flaws
Theory
Locating
Payload delivery
Exploit techniques
Automation
Automating flaw discovery
Python
Shell scripting
Fuzzers
Shellcoding basics
Theory
Where to get shell code
Writing your own shell code
Metasploit
Creating exploit modules
Avoiding detection
Release date: 2019-08-03