BRING THE KNOWLEDGE TO YOU

Rather than sending your employees to a training, bring the training to you. Private onsite training can be completely customized to meet your training needs.

About the instructor: Georgia Weidman

Georgia Weidman is a penetration tester, security researcher, and trainer. She holds a Master of Science degree in computer science, secure software engineering, and information security, and holds CISSP, CEH, NIST 4011, and OSCP certifications. Her work in the field of smartphone exploitation has been featured in print and on television internationally. She has presented her research at conferences around the world including ShmooCon, Black Hat, Security Zone, and BSides. Georgia has delivered highly technical security training for conferences, schools, and corporate clients to excellent reviews. Building on her experience, Georgia recently founded Bulb Security LLC (https://www.bulbsecurity.com), a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security. She is the author of the upcoming book Penetration Testing: A Hands-on Introduction to Hacking from No Starch Press.

Abstract:

In this class we will start with introductory exploit development for Windows and Linux platforms. In class you will gain hands-on experience finding vulnerabilities, writing working exploits from scratch, and porting public exploit code to meet your needs. We will start with the basics of stack-based buffer overflows, including saved return pointer and structured exception handler overwrites. We will look at dealing with space issues for shellcode, such as egghunting and relative jumps. Then we will move on to bypassing more advanced anti-exploitation measures such as stack cookies, ASLR, DEP, etc. In addition to writing exploits from scratch, we will look at public exploit code and porting it to fit our environment's needs. We will also look at writing Metasploit modules and porting our exploits into Metasploit. Hands-on labs for both Windows and Linux will be covered, exploiting real vulnerable programs. No previous programming or exploitation experience is required. Exploit skeletons will be provided for each exercise, allowing students to focus on the attack string rather than programming syntax.

Outline:

Module 1: Stack Based Buffer Overflow Basics

Module 2: Structured Exception Handler Overwrites

Module 3: Simple Fuzzing

Module 4: Porting Public Exploit Code

Module 5: Writing Metasploit Modules

Module 6: Space Issues: Relative Jumps

Module 7: Space Issues: Shellcode Splitting

Module 8: Space Issues: Egghunter

Module 9: Bypassing ASLR

Module 10: Bypassing Data Execution Prevention

Prerequisites:

  • Laptop capable of running at least 2 virtual machines simultaneously.
  • VMware product (Player, Workstation, or Fusion)
  • Kali Linux Virtual Machine: http://www.kali.org
  • No programming experience is required. Exploit skeletons will be provided for each exercise.

Students will be provided with:

  • Target virtual machines (Windows XP, Windows 7, Ubuntu, ARM). Windows virtual machines will be 30-day trials that will expire unless the student provides a license key. If possible, download details will be made available a week prior to class.
  • Detailed Slides
  • Lab Manual

Abstract:

This course will give you hands-on experience in many facets of penetration testing. We will briefly touch on the basics of using Kali Linux as well as programming and scripting. We will study the Metasploit Framework before using it and supporting tools to simulate a penetration test against target virtual machines. Starting with information gathering, we will move through the phases of penetration testing. The class will begin with basic, easily exploitable vulnerabilities, but will also cover the latest client-side issues being exploited in the wild. This course will focus heavily on post-exploitation techniques such as privilege escalation, lateral movement, and pivoting. We will study advanced techniques such as bypassing anti-virus and IDS systems. The basics of developing exploits manually will be covered. We will turn our custom exploits into Metasploit modules. Finally, we will take a look at the rapidly developing field of mobile hacking. The course will finish with a live capture the flag environment where students can test what they have learned.

Outline:

Module 1: Using Kali Linux

Module 2: Programming

Module 3: Using Metasploit

Module 4: Information Gathering

Module 5: Vulnerability Identification

Module 6: Capturing Traffic

Module 7: Exploitation

Module 8: Password Attacks

Module 9: Client Side Attacks

Module 10: Social Engineer Toolkit

Module 11: Bypassing Detection

Module 12: Post Exploitation

Module 13: Web Application Assessments

Module 14: Wireless Attacks

Module 15: Exploit Development

Module 16: Developing Metasploit Modules

Module 17: Mobile Attacks

Module 18: Capture the Flag

Prerequisites:

  • Laptop capable of running at least 2 virtual machines simultaneously.
  • VMware product (Player, Workstation, or Fusion)
  • Kali Linux Virtual Machine: http://www.kali.org
  • Linux will be used extensively in this class. We will cover the basics briefly in the first module, but some prior knowledge is helpful. Likewise, no prior programming knowledge is required, though it will be helpful in the exploit development module. Some programming and scripting will be covered at the beginning of class.

Students will be provided with:

  • Target virtual machines (Windows XP, Windows 7, Ubuntu). Windows virtual machines will be 30-day trials that will expire unless the student provides a license key. If possible, download details will be made available a week prior to class.
  • Detailed Slides
  • Lab Manual
  • Access to an online VPN with additional targets for capture the flag. Additional online lab time will be provided after class.