- Windows Exploit Development
- Basics of Buffer Overflow
- Protocol and File Format Fuzzing
- SEH Overwrite
- Multi-stage exploits
- Have basic knowledge of Kali Linux, Fuzzing, Assembly language, Immunity Debugger
Note: To know about offers on this course, check out our website https://yaksas.in
About the course
This course will teach you the basics of exploiting a buffer overflow vulnerability. It follows the six stages of exploit development and gives a detailed walk-through of each. Each module starts by identifying the vulnerability via fuzzing. You'll learn both, protocol fuzzing (using Spike) and file format fuzzing (using FileFuzz). It then shows you how to create a PoC to trigger the vulnerability and convert that PoC into a working exploit.
Through this course you will get introduced to various tools such as Immunity Debugger, Mona library for Immunity Debugger, Metasploit, msfvenom, Spike, File Fuzz and much more. This course is designed to be short and concise yet packed with practical knowledge.
Each video includes learning resources (in video) and associated files (pdf slides, fuzzing scripts, python script etc.). You can just follow along and create a working exploit. It's that simple. Happy hacking!
What our fellow students say about this course
"Course goes from the basics through to what the OSCP teaches you. Highly recommended, still enjoying the material." - Michael Ross
"Best course I have taken thus far that explains buffer overflows in a way that you can easily try on your own home lab. Instructor is easy to understand, doesn't rush through the material and explains step - by - step." - William Daugherty
"Awesome course; clear and to-the-point; very helpful for understanding Buffer Overflow..." - Zeeshan
Uday Mittal (OSCE, OSCP, CISSP, CISA, CISM, DCPP) is the founder of Yaksas CSC. He has over 6 years of experience in dealing with various issues related to cyber security. He is actively working towards educating people on cyber security risks and steps to mitigate them. His areas of interest include exploitation research, malware analysis, red teaming, VAPT etc.