Security for Hackers and Developers: Exploit Development

Developers are busy, but understanding how to exploit software will help you properly prioritize security critical bugs. This course will teach you basic exploits, shellcoding, and return-oriented programming (ROP).
Course info
Rating
(18)
Level
Intermediate
Updated
Sep 26, 2017
Duration
1h 47m
Table of contents
Description
Course info
Rating
(18)
Level
Intermediate
Updated
Sep 26, 2017
Duration
1h 47m
Description

With developers so overloaded, why should you prioritize security fixes? Because hackers are probably writing exploits against your product right now. You need to learn what that process entails to enable a deeper appreciation for the serious defenses needed. In this course, Security for Hackers and Developers: Exploit Development, you'll learn the ins and outs of how to write basic exploits. First, you'll explore control-flow hijacks such as function and return pointer overwrites. Next, you'll cover how to create and debug shellcode. Finally, you'll discover how to overcome common security mitigations using return-oriented programming (ROP). By the end of this course, you’ll know how to exploit programs with confidence, which gives you the skills to defend software, write exploits, or reverse engineer malware.

About the author
About the author

Dr. Jared DeMott is the founder of the security company, Vulnerability Discovery & Analysis (VDA) Labs. DeMott is a former NSA security analyst, Microsoft BlueHat Prize winner, and was the CTO and Binary Defense. He's frequently quoted in media, and invited to speak at security events.

More from the author
Security for Hackers and Developers: Fuzzing
Intermediate
2h 9m
14 Dec 2016
More courses by Jared DeMott
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Dr. DeMott, and welcome to my course on Exploit Development. This is the fifth and final course in the Security for Hackers and Developers learning path. I'm the founder of code security and ethical hacking company VDA Labs. I'm a long-time security researcher, vulnerability, malware, and enterprise security expert. I love teaching and mentoring so I'm happy to bring you another exciting course. You probably knew that software developers are busier than ever, thus understanding how programs can be exploited helps them prioritize important software fixes. On the other side of the table, offensive cyber operators like penetration testers are in short supply. This material will be invaluable in training up the next generation of ethical attackers. With a hands-on style we'll cover topics such as deep vulnerability debugging, control-flow hijacks like function and return pointer overrides, shellcode creation and turning, server and client-side exploitation, security mitigation bypassing with ROP. By the end of this course you'll know how to exploit programs with confidence, which gives you the skills to defend software, write exploits, or reverse engineer malware. Before beginning the course you should take the first four courses in the Security for Hackers and Developers learning path. After completing this course you should feel comfortable with further work and research in cyber exploitation or taking my other course, Advanced Malware Analysis: Combating Exploit Kits. I hope you'll join me on this software-security journey with the Security for Hackers and Developers: Exploit Development course at Pluralsight.