This repository is for the Offensive Software Exploitation Course I am teaching at Champlain College and currently doing it for free online (check the YouTube channel for the recordings).
Most of the slidenotes I used, are already shared on HTID Course, but the labs were fully created by myself. I used publically available resources and software to explain each of the weakneses covered, so there is nothing here that you cannot find online.
Vulnerable Software: The vulnerable software I used are also online and can be found at Exploit-db. Check each lab for the software used in that lab and from where to download it.
Tools used:
Targets used: Download a Windows 10 VM from Microsoft VMs (currently using Version 1809 Build 17763.1339) here. This will be used for most of the labs, except for the EggHunter lab, I used a Windows 7 VM, also from Microsoft VMs (currently offline so check archive.org).
Course modules:
- Module 01 - The Basics (PE Format, DLLs, etc)
- Module 02 - Bug Hunting and Fuzzing
- Module 03 - Intro. to Memory Corruption and Buffer Overflows
- Module 04 - Metasploit
- Module 05 - Mitigation Techniques
- Module 06 - SEH and Jumping Strategies
- Module 07 - Egghunter
- Module 08 - Retrurn Oriented Programming (ROP)
- Module 09 - Post Exploitation
- Module 10 - Manual Code Injection
OSE Course Video Recordings on YouTube (currently in Arabic): Playlist