Version v.1.0

lecture: Exploit Development for N00bs

Introduction to Vulnerabilities and Exploit Development

Mix8-150ppp

This lecture aims to provide attendees with an introduction to vulnerability discovery and exploit development. We will go over the basics of vulnerability discovery with an emphasis on fuzzing and move to the exploitability concepts. Principles of shellcode and exploit development will be shown.

At the end of this introductory lecture, attendees will have enough information to;
Build their own vulnerability discovery lab
Understand different kinds of vulnerabilities
Know where to look for vulnerabilities in software
Use fuzzers or scripts to find vulnerabilities
Understand the concept of exploitability
Gain a general understanding of shellcodes

The following topics will be covered during the lecture;
1. Introduction
a. Epic fails resulting from software vulnerabilities
b. Why are there software vulnerabilities?
c. Vulnerabilities and the "Secure Development Lifecycle"
d. Most common types of vulnerabilities

2. Finding vulnerabilities
a. How are vulnerabilities found?
b. Basic vulnerability research lab setup
c. Where should we look for vulnerabilities?
d. Checking the vulnerability

3. Exploitation
a. Checking “exploitability”
b. Writing the Proof-of-concept
c. Writing the shellcode
d. Testing the exploit

Presentation slides will be supported with live demonstrations.

Attendees that wish can register for a FREE online exam at the end of the lecture. Scores above 70% will receive a certificate for "Introduction to Vulnerabilities and Exploit Development".

Info

Day: 2015-09-12
Start time: 12:00
Duration: 02:00
Room: Pupin

Links:

Feedback

Click here to let us know how you liked this event.

Concurrent events

Milankovic
Touchless Control in Our World
Tesla
Invisible Infrastructures