Writing Security Tools and Exploits

· Write Solid Shellcode
Learn the techniques used to make the most out of vulnerabilities by employing the correct shellcode.

· Reverse Connection Shellcode
See how reverse connection shellcode makes a connection from a hacked system to a different system where it can be caught using network tools such as netcat.

· Buffer Overflow Exploits
Find techniques to protect against buffer overflows such as allocating buffers for string operations dynamically on the heap.

· Heap Overflows
Heap overflows have become the most prominent software security bugs. See how they can have varying exploitation techniques and consequences.

· Format Strings
Format string vulnerabilities occur when programmers pass externally supplied data to a printf function (or similar) as part of the format string argument.

· Race Conditions
Nearly all race condition exploits are written from a local attacker’s perspective and have the potential to escalate privileges, overwrite files, or compromise protected data.

· Exploitable Integer Bugs
See how integer bugs are harder for a researcher to spot than stack overflow vulnerabilities and learn why the implications of integer calculation errors are less understood by developers as a whole.

· Code for Nessus
Use NASLs to check for security vulnerabilities or misconfigurations.

· Metasploit Framework (MSF)
Use MSF and its components, msfweb, msfconsole, and msfcli, as an exploitation platform.

· Meterpreter Extensions
Use the power of the Meterpreter payload system to load custom-written DLLs into an exploited process’s address space.