This repository is for the Offensive Software Exploitation Course I am teaching at Champlain College and currently doing it for free online (check the YouTube channel for the recordings). Most of the slidenotes I used, are already shared on HTID Course, but the labs were fully created by myself. I used publically available resources and software to explain each of the weakneses covered, so there is nothing here that you cannot find online.
Vulnerable Software: The vulnerable software I used are also online and can be found at Exploit-db. I also used Stephen Bradshaw's VulnServer, plus maybe some other simple code that I prepared. Please check each lab for the software used in that specific lab and from where to download it.
Tool(s) used:
Target(s) used: Download a Windows 10 VM from Microsoft VMs (currently using Version 1809 Build 17763.1339) here. This will be used for most of the labs, except for the EggHunter lab, I used a Windows 7 VM, also from Microsoft VMs (currently offline so check archive.org).
Table of Contents: The topics that will be covered are in this course are:
- 01 - The Basics (PE Format, DLLs, etc)
- 02 - Bug Hunting and Fuzzing
- 03 - Intro. to Memory Corruption and Buffer Overflows
- 04 - Metasploit
- 05 - Mitigation Techniques
- 06 - SEH and Jumping Strategies
- 07 - Egghunter
- 08 - Retrurn Oriented Programming (ROP)
- 09 - Post Exploitation
- 10 - Manual Code Injection
Video Recordings:
Useful Resources:
- The number one resource is the Corelan Team's blog, Corelan Team
Update(s):
- On Aug. 6th, 2020 both eLearnSecurity and INE decided to sponsor the English version of the course and therefore will be recording an English version too.
Credits: Thanks to everyone who shared their work online, without them this course would not have happened!