Developers are busy, but understanding how to exploit software will help you properly prioritize security critical bugs. This course will teach you basic exploits, shellcoding, and return-oriented programming (ROP).
With developers so overloaded, why should you prioritize security fixes? Because hackers are probably writing exploits against your product right now. You need to learn what that process entails to enable a deeper appreciation for the serious defenses needed. In this course, Security for Hackers and Developers: Exploit Development, you'll learn the ins and outs of how to write basic exploits. First, you'll explore control-flow hijacks such as function and return pointer overwrites. Next, you'll cover how to create and debug shellcode. Finally, you'll discover how to overcome common security mitigations using return-oriented programming (ROP). By the end of this course, you’ll know how to exploit programs with confidence, which gives you the skills to defend software, write exploits, or reverse engineer malware.
Dr. Jared DeMott is an engineer, entrepreneur, and security leader. He holds a PhD from Michigan State University. He regularly speaks on cyber matters at conferences like RSA, DerbyCon, BlackHat, ToorCon, GrrCon, HITB, etc. Jared is a Pluralsight author, and is often interviewed by Media to weigh in on cyber matters.
Course Overview Hi everyone, my name is Dr. DeMott, and welcome to my course on Exploit Development. This is the fifth and final course in the Security for Hackers and Developers learning path. I'm the founder of code security and ethical hacking company VDA Labs. I'm a long-time security researcher, vulnerability, malware, and enterprise security expert. I love teaching and mentoring so I'm happy to bring you another exciting course. You probably knew that software developers are busier than ever, thus understanding how programs can be exploited helps them prioritize important software fixes. On the other side of the table, offensive cyber operators like penetration testers are in short supply. This material will be invaluable in training up the next generation of ethical attackers. With a hands-on style we'll cover topics such as deep vulnerability debugging, control-flow hijacks like function and return pointer overrides, shellcode creation and turning, server and client-side exploitation, security mitigation bypassing with ROP. By the end of this course you'll know how to exploit programs with confidence, which gives you the skills to defend software, write exploits, or reverse engineer malware. Before beginning the course you should take the first four courses in the Security for Hackers and Developers learning path. After completing this course you should feel comfortable with further work and research in cyber exploitation or taking my other course, Advanced Malware Analysis: Combating Exploit Kits. I hope you'll join me on this software-security journey with the Security for Hackers and Developers: Exploit Development course at Pluralsight.