Only 3 days
Classroom
26/11/2024 (Tuesday)
Overview
The EC-Council Centre of Advanced Security Training has arrived at Firebrand Training. On this intensive three-day Exploit Development Overdrive course, you will learn how to write your own application exploits.
Warning: This is not a beginner’s course. It's highly-technical, with many hands-on labs. The course is right for you if you're an: experienced security professional, penetration tester, researcher or application developer.
You will learn how to:
- Write your own exploits from scratch
- Discover new vulnerabilities in applications
- Use Metasploit as an exploit development framework
- Exploit stack and heap overflows on both Linux and Windows
- Bypass memory protection measures like DEP, ASLR, and Stack Canaries
- Write your own shellcode on both Linux and Windows
- Write stack- and heap-based buffer overflow exploits in both Perl and Python
- Use debuggers like GDB, Ollydbg, and WinDebug
Note: this course doesn't include an exam, but you'll become Exploit Development Overdrive certified.
9x Accredited Training Centre of the Year
Firebrand Training has again won the EC-Council Accredited Training Centre of the Year Award, from a Training Partner network that has more than 700 training centres across 107 countries. This extends a record-breaking run of successive awards to nine years.
Jay Bavisi, President of EC-Council said: “The annual EC-Council Awards highlights the commitment and achievements of our global partners and trainers that have contributed to the information security community.”
Curriculum
Module 1: The Exploit Development Process
- Exploit methodology
- Fault injection
- Fuzzers
- Tools of the trade
Module 2: Introduction to Assembly
- Linux assembly
- Windows assembly
- Writing and debugging assembly programs
Module 3: Writing Shellcode
- Linux shellcode
- Windows shellcode
Module 4: Stack-Based Buffer Overflows
- Memory architecture
- Fault injection
- Ollydbg
- WinDebug
- Gdb
- Metasploit tools
- Writing stack-based overflows for Linux
- Writing stack-based overflows for Windows
Module 5: SEH Exploits
- Structured Exception Handling
- SafeSEH Bypass
- Writing SEH exploits
Module 6: Advanced Buffer Overflows
- Bypassing DEP
- Bypassing ASLR
- Stack Cookies
- Egg Hunter Shellcode
Module 7: Heap Overflows
- Heap architecture
- Writing heap overflows
Module 8: Advanced Metasploit Framework
- Writing exploits for Metasploit
- Advanced Meterpreter
Module 9: Format String Attacks
- Writing format string attacks
What's Included
Official EC-Council Courseware
- CAST 616 - Exploit Development Overdrive
Prerequisites
You should be familiar with IT security best practices, the basics of TCP/IP networking, and basic programming concepts. You should also be familiar with Metasploit and VMware.
Knowledge of programming languages isn't necessary, but it is beneficial if you have exposure to a common programming or scripting language such as Python, Perl, Ruby, C, C++, or Assembly. A programming background is not required, but you will be writing lots of code in class.
Benefits
Seven reasons why you should sit your course with Firebrand Training
- Two options of training. Choose between residential classroom-based, or online courses
- You'll be certified fast. With us, you’ll be trained in record time
- Our course is all-inclusive. A one-off fee covers all course materials, exams**, accommodation* and meals*. No hidden extras.
- Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
- You’ll learn more. A day with a traditional training provider generally runs from 9 am – 5 pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day of quality learning time, with your instructor
- You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
- You’ll be studying with the best. We’ve been named in the Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified over 135,000 professionals
*For residential training only. Doesn't apply for online courses
**Some exceptions apply. Please refer to the Exam Track or speak with our experts
Think you are ready for the course? Take a FREE practice test to assess your knowledge! Free Practice Test