Jump to content
NO-MERCY

Exploit Development Course 2015 - Excellent Series

Recommended Posts

Posted

Hello RST :

Exploit Development Course 2015 --> Free

Preface

Hi and welcome to this website! I know people don’t like to read prefaces, so I’ll make it short and right to the point.

This is the preface to a course about Modern Windows Exploit Development. I chose Windows because I’m very familiar with it and also because it’s very popular. In particular, I chose Windows 7 SP1 64-bit. Enough with Windows XP: it’s time to move on!

There are a few full-fledged courses about Exploit Development but they’re all very expensive. If you can’t afford such courses, you can scour the Internet for papers, articles and some videos. Unfortunately, the information is scattered all around the web and most resources are definitely not for beginners. If you always wanted to learn Exploit Development but either you couldn’t afford it or you had a hard time with it, you’ve come to the right place!

This is an introductory course but please don’t expect it to be child’s play. Exploit Development is hard and no one can change this fact, no matter how good he/she is at explaining things. I’ll try very hard to be as clear as possible. If there’s something you don’t understand or if you think I made a mistake, you can leave a brief comment or create a thread in the forum for a longer discussion. I must admit that I’m not an expert. I did a lot of research to write this course and I also learned a lot by writing it. The fact that I’m an old-time reverse engineer helped a lot, though.

In this course I won’t just present facts, but I’ll show you how to deduce them by yourself. I’ll try to motivate everything we do. I’ll never tell you to do something without giving you a technical reason for it. In the last part of the course we’ll attack Internet Explorer 10 and 11. My main objective is not just to show you how to attack Internet Explorer, but to show you how a complex attack is first researched and then carried out. Instead of presenting you with facts about Internet Explorer, we’re going to reverse engineer part of Internet Explorer and learn by ourselves how objects are laid out in memory and how we can exploit what we’ve learned. This thoroughness requires that you understand every single step of the process or you’ll get lost in the details.

As you’ve probably realized by now, English is not my first language (I’m Italian). This means that reading this course has advantages (learning Exploit Development) and disadvantages (unlearning some of your English). Do you still want to read it? Choose wisely :)

To benefit from this course you need to know and be comfortable with X86 assembly. This is not negotiable! I didn’t even try to include an assembly primer in this course because you can certainly learn it on your own. Internet is full of resources for learning assembly. Also, this course is very hands-on so you should follow along and replicate what I do. I suggest that you create at least two virtual machines with Windows 7 SP1 64-bit: one with Internet Explorer 10 and the other with Internet Explorer 11.

I hope you enjoy the ride!

Contents

WinDbg

Mona 2

Structure Exception Handling (SEH)

Heap

Windows Basics

Shellcode

Exploitme1 (ret eip overwrite)

Exploitme2 (Stack cookies & SEH)

Exploitme3 (DEP)

Exploitme4 (ASLR)

Exploitme5 (Heap Spraying & UAF)

EMET 5.2

Internet Explorer 10

Reverse Engineering IE

From one-byte-write to full process space read/write

God Mode (1)

God Mode (2)

Use-After-Free bug

Internet Explorer 11

Part 1

Part 2

Regards

NO-MERCY

PDF'S Soooooooon :)

Source : http://expdev-kiuhnm.rhcloud.com/2015/05/11/contents/

  • Upvote 1
Posted (edited)

All In One Pdf Finished Today : :-/

Final_Cover.jpg?sbsr=977ed21e0f3a3b9fdf38b4e967f84836316a480348df944e&lgfp=3000

Details :

File: Modern Windows Exploit Development.pdf

Size: 19.0 MB

Pages: 529

CRC-32: 0c5c697f

MD4: 5ed2b468e7d5e0d6938205cd5964354b

MD5: 38a36b37a5105195795e57edde6cb217

SHA-1: bd23cc60c3508ecbb7fb87ec02ceb774d89ff49e

Download :

Modern Windows Exploit Development - Download - 4shared - NO-MERCY AT4RE

Regards

NO-MERCY

FileShare Download Modern Windows Exploit Development.pdf (by: Church)

https://mega.nz/#!9lwRnAAB!Hw0pP7NMLfdcE8saw0uI9coAG2a_0xckiL9IMhUJz_Y (by: m4v3rick)

https://drive.google.com/file/d/0B8sHjc3kJKQrUTYxSkpldy01ZWs/view (By:Unknown)

Edited by NO-MERCY
Img link Updated & Others Links
Posted

If I may make a suggestion: preserve the links when converting to PDF. That way the download links are valid. Or at least annotate the URLs somewhere.

Posted
If I may make a suggestion: preserve the links when converting to PDF. That way the download links are valid. Or at least annotate the URLs somewhere.

thx .. I'll try to Make Final Edition Soon

u Know it's Take Very Very Long Time

But Promise .. tO be Continue .. :)

you Mean all links in pdf or just pics hyperlinks or you don't trust any Damn link :(

Greetings ;)

Posted

No, I meant the download links. For example on Mona 2 - Exploit Development Community you have

1. Install Python 2.7 (download it from here)
The last word in parenthesis "here" is a link to the python website.

I was suggesting you preserve those in the PDF, because if the example I gave here is quite trivial to figure out / Google, the next one is kind of impossible for me

Download the right zip package from here, and extract and run vcredist_x86.exe and vcredist_x64.exe.
where "here" refers to Python extension for WinDbg - Home.

Or if there is a security concern, just annotate on the page somehow the url(s).

Just my two cents.

Either way stellar work.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...