null Bangalore Humla 12 August 2023 Exploit Development Register

Saturday August 12 2023 09:30 AM Humla Bangalore

Null offensive hacking hands-on training.

Proposed sessions for this event:

  • Exploit Development by Manish
Note: The session details including schedule are available below.

Workshop on Exploit Development

:

  1. Introduction to Exploit Development

    • Understanding the fundamentals of exploit development
    • The importance of security research and responsible disclosure

  2. Basic of Windows and Linux Concepts

    • Overview of Windows and Linux operating systems
    • Memory management and process architecture
    • Understanding assembly language (x86 and x64)

  3. Fuzzing and Crash Analysis

    • Introduction to fuzzing and its importance in exploit development
    • Setting up a basic fuzzing environment
    • Analyzing crash dumps and identifying potential vulnerabilities

  4. Finding Offset and Overwriting EIP

    • Understanding the concept of EIP (Extended Instruction Pointer)
    • Locating the offset to control EIP
    • Overwriting EIP with a controlled value

  5. Finding Bad Characters

    • Identifying and dealing with bad characters in shellcode
    • Creating a custom character set to avoid bad characters

  6. Stack-based Buffer Overflow

    • Introduction to stack-based buffer overflow vulnerabilities
    • Identifying vulnerable applications
    • Crafting and sending exploit

  7. Introduction to Egg Hunting

    • Understanding the need for egg hunting in exploit development
    • Implementing and integrating an Egghunter

  8. Return-Oriented Programming (ROP)

    • Understanding ROP gadgets and their role in evading exploit defenses
    • Developing a ROP-based exploit

  9. Conclusion and Next Steps

    • Recap of key concepts and techniques learned
    • Guidance on further resources and opportunities for advanced exploit development

Hardware requirements:

  1. System with admin rights and VT-x enabled
  2. Minimum 4GB RAM and 200 GB Hard-Disk space
  3. Bring Your Own Internet

Software requirements:

  1. VMWare Workstation/Player:
  2. Windows VM : Download (Use 7zip to extract VM files)
  3. Linux VM: download (Use 7zip to extract VM files)
  4. Challenges (will be uploaded by August 9th):

Prior Knowledge:

  1. Understanding of python
  2. Basic Understanding of Assembly Language
  3. Good to have - Windows and Linux internals

Let's get started! If you have any questions during the workshop, feel free to ask the instructor for assistance.

Date Saturday August 12 2023
Chapter Bangalore
Registrations 30
Max Registrations 30
Event Type Invite Only
Start Time 09:30 AM
End Time 04:00 PM

Session Schedule

Name Speaker Start Time End Time Resources
Exploit Development Manish 09:30 AM 04:00 PM

Venue

This is an invite only event. If you are selected you will receive further information via e-mail.