Security for Hackers and Developers: Exploit Development

Focused View

Dr. Jared DeMott

1:47:38

16 View

01-01 - Course Overview -- Course Overview.mp4

01:36

02-01 - Auditing, Debugging, and Vulnerabilities -- Introduction to Exploitation.mp4

09:11

02-02 - Auditing, Debugging, and Vulnerabilities -- Bug Hunting and Debugging Demo.mp4

14:24

02-03 - Auditing, Debugging, and Vulnerabilities -- Lab Assignment and Module Summary.mp4

00:50

03-01 - Understanding a Function Pointer Overwrite -- Stack and Function Pointer Overwrites.mp4

06:22

03-02 - Understanding a Function Pointer Overwrite -- Function Pointer Exploit Demo.mp4

06:13

03-03 - Understanding a Function Pointer Overwrite -- Lab and Summary.mp4

00:49

04-01 - Exploiting a Windows Server Using Shellcode -- Shellcoding.mp4

05:36

04-02 - Exploiting a Windows Server Using Shellcode -- Shellcoding Demo.mp4

05:00

04-03 - Exploiting a Windows Server Using Shellcode -- More on Shellcoding and Its Use in the Coming Demo.mp4

03:52

04-04 - Exploiting a Windows Server Using Shellcode -- Windows Server Exploit Demo.mp4

13:34

04-05 - Exploiting a Windows Server Using Shellcode -- Defenses and Summary.mp4

04:06

05-01 - Exploiting a Basic Browser Bug -- Exploiting Browsers with Heap Sprays.mp4

08:12

05-02 - Exploiting a Basic Browser Bug -- Demo a Heap Spray Exploit.mp4

05:58

05-03 - Exploiting a Basic Browser Bug -- Discussing Mitigations and Summary.mp4

02:30

06-01 - Applying Return-oriented Programming -- Bypass ASLR, Pivot, and ROP.mp4

10:29

06-02 - Applying Return-oriented Programming -- Demo Bypassing ASLR, Pivot, and ROP.mp4

06:12

06-03 - Applying Return-oriented Programming -- Future Exploit Learning and Summary.mp4

02:44

Description

Developers are busy, but understanding how to exploit software will help you properly prioritize security critical bugs. This course will teach you basic exploits, shellcoding, and return-oriented programming (ROP).

What You'll Learn?

With developers so overloaded, why should you prioritize security fixes? Because hackers are probably writing exploits against your product right now. You need to learn what that process entails to enable a deeper appreciation for the serious defenses needed. In this course, Security for Hackers and Developers: Exploit Development, you'll learn the ins and outs of how to write basic exploits. First, you'll explore control-flow hijacks such as function and return pointer overwrites. Next, you'll cover how to create and debug shellcode. Finally, you'll discover how to overcome common security mitigations using return-oriented programming (ROP). By the end of this course, you’ll know how to exploit programs with confidence, which gives you the skills to defend software, write exploits, or reverse engineer malware.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Penetration Testing

Dr. Jared DeMott

Instructor's Courses

Dr. Jared DeMott is an engineer, entrepreneur, and security leader. DeMott previously served as a vulnerability analyst with the NSA. He holds a PhD from Michigan State University. He regularly speaks on cyber matters at conferences like RSA, DerbyCon, BlackHat, ToorCon, GrrCon, HITB, etc. He was a finalist in Microsoft’s BlueHat prize contest, which helped make Microsoft customers more secure. Dr. DeMott has been on three winning Defcon capture-the-flag teams, and has been an invited lecturer at prestigious institutions such as the US Military Academy. Jared is a Pluralsight author, and is often interviewed by Media to weigh in on cyber matters.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.