This introduction to the world of exploit development will teach you how to start writing stack based exploits on the Linux and Win32 platforms. We will break out a couple debuggers to see what buffer overflows look like and discuss methods that take advantage of them. You will learn how basic protection mechanisms behave, such as canaries, and discover ways to circumvent them. In the process, you will come to love how Assembly looks in the dim glow of your monitor and that moving bytes around a stack is not as scary as it sounds. This will be a hands-on class, so prepare to get your feet wet. If you are willing to take the red pill, I'll help you discover how deep the rabbit hole can go.
About the Instructor:
Pandatrax has been working in the information security field for 18 years. He is currently a lead security engineer on a malware analysis and forensics team for a multinational company. Prior to this role, he has worked in multiple security fields including network intrusion analysis, firewall management, malware protection, as well as UNIX and wireless security. Exploit development is a hobby that he does in his free time. He loves to figure out how things work and sharing information with anyone that will listen to him.
It is recommended that students have the following: - The ability to administer Linux/Windows systems in virtual environments. - The ability to read/write simple scripts. - The desire to take things apart and understand how things really work.
Students are required to bring their own laptops with the following requirements: - Laptops need enough processing power and RAM (4GB of RAM recommended) to run up to 2 virtual machines at the same time. - VMWare Workstation or VirtualBox (No VMWare Player, need the ability to take snapshots) - Windows 7 SP1 Virtual Machine - Kali Linux - You must have admin rights on all of your systems in order to install/remove software, disable/remove antivirus/firewall, etc.
Please be aware that VM installation instructions will be sent after registration.
Save yourself time and wait for them before building the VMs!!!*
Please contact @pandatrax on twitter with any questions about the course content.
Please contact BSidesCHS@gmail.com with any questions regarding anything else.
As with all of our classes and events, we sometimes need to cancel or reschedule classes; therefore, we reserve the right to cancel our classes for any reason. Please plan accordingly in terms of your reservations etc. (out of towners, listen up) - for example make hotel reservations that can be canceled without penalty, same for travel.
Minimum Attendance Announcement:
This class will need at least 30 paying Students to be held or we'll consider cancelling it. So please help us get the word out!