lecture: Exploit Development for N00bs
Introduction to Vulnerabilities and Exploit Development
This lecture aims to provide attendees with an introduction to vulnerability discovery and exploit development. We will go over the basics of vulnerability discovery with an emphasis on fuzzing and move to the exploitability concepts. Principles of shellcode and exploit development will be shown.
At the end of this introductory lecture, attendees will have enough information to;
Build their own vulnerability discovery lab
Understand different kinds of vulnerabilities
Know where to look for vulnerabilities in software
Use fuzzers or scripts to find vulnerabilities
Understand the concept of exploitability
Gain a general understanding of shellcodes
The following topics will be covered during the lecture;
a. Epic fails resulting from software vulnerabilities
b. Why are there software vulnerabilities?
c. Vulnerabilities and the "Secure Development Lifecycle"
d. Most common types of vulnerabilities
2. Finding vulnerabilities
a. How are vulnerabilities found?
b. Basic vulnerability research lab setup
c. Where should we look for vulnerabilities?
d. Checking the vulnerability
a. Checking “exploitability”
b. Writing the Proof-of-concept
c. Writing the shellcode
d. Testing the exploit
Presentation slides will be supported with live demonstrations.
Attendees that wish can register for a FREE online exam at the end of the lecture. Scores above 70% will receive a certificate for "Introduction to Vulnerabilities and Exploit Development".
Start time: 12:00