Gray Hat Hacking: Moving to the Next Level
Allen Harper
USA 2011 Weekend Training Session //July 30-31
USA 2011 Weekday Training Session //August 1-2
Overview:
Learn to bypass all memory protections of Windows 7: /GS, SEH SEHOP, DEP, ASLR. Gain a working understanding of vulnerabilities, how to prevent them, and how to develop proof of concept exploits from a typical vulnerability alert.
This class is taught by a co-author of Gray Hat: the Ethical Hacker's Handbook and is targeted at those looking to move beyond "Hacking Exposed" level skills to the next level. This class is designed to be intermediate to advanced (in content). This class starts off by providing a quick review of C and assembly. Next, the course moves to processor and memory structure before moving into Linux exploits and Windows Exploits. Exploits are discussed in a progressive manner from basic to intermediate to advanced. Finally, automated tools are introduced to speed up the exploit development process.
The class will cover a variety of topics to include: programming, buffer overflows, heap overflows, format string errors, exploiting techniques on Windows and Linux, debugging skills and the latest automation tools. Using this building block approach, the student will gain a working understanding of vulnerabilities, how to prevent them, and how to develop proof of concept exploits from a typical vulnerability alert. This is a hands-on course with half the time spent working through lab examples and real world vulnerabilities.
Key Learning Objectives:
- Latest Windows memory protections and bypass methods: GS, SEH, SEHOP, DEP, ASLR
- Intermediate to Advanced Exploit Development Subjects
- Understanding error conditions
- Categories of error conditions - stack overflow, heap overflow, off-by-one, format string bugs, integer overflows (this class will deal only with stack, heap and format string errors)s
- Unix process memory map
- Win32 process memory map
- Debugging applications (Linux gdb and Windows ollydbg)
- Identifying error conditions using debugging
- Return to Libc exploits
- Writing shellcode
- Real life exploit development
- Conducting basic source code reviews for spotting error conditions
- Metasploit Exploit Framework (exploit development and integration)
General Learning Objectives
- Intermediate and advanced exploiting skills
- Essential debugging skills
- Essential attacking skills
- Problem solving skills
Prerequisites
- System Requirements:
- Laptop with 2GIG Ram
- Vmware or other virtual machine technology (installed on host)
- Windows 7 (x86-32 bit) operating system in virtual machine (guest)
- Immunity Debugger (installed on guest)
- Metasploit 3.3.x (installed on guest and on host)
- Microsoft Visual Studio Express or Higher 2010 (installed on guest)
- CDROM/DVD Reader
- Security concepts taught in more basic classes like "Hacking by Numbers" such as running tools created by others. In this class, the student will learn to modify or create their own tools.
- Metasploit
- Have a basic working knowledge of operating systems, Win32 and Linux
- Compiling programs using GCC, MS Visual C++ Toolkit
- Basic understanding of C or C++ programming
Student Expectations:
- Stay awake
- Expect to move from basic to intermediate to advance subjects quickly
Who Should Attend
Primary Audience
- Pen-testers
- Security Researchers
- Security Professionals looking to move beyond "Hacking Exposed" skills
Secondary Target Audience
- Security Students
- Programmers, looking to learn about security implications
- Technical Managers, looking to gain a deeper understanding of what hackers are up to
Trainer:
Allen Harper: In 2007, Allen Harper retired from the military as a Marine Corps Major after a tour in Iraq. He has more than 20 years of IT/Security experience. He holds an MS in Computer Science from the Naval Post Graduate School and a BS in Computer Engineering from North Carolina State University. Allen led the development of the GEN III honeywall CDROM, called roo, for the Honeynet Project. Allen was a co-author of "Gray Hat", the ethical hacker's handbook published by McGraw Hill in 2004; the second edition was published in Jan 2008. He was a member of the 2004 winning team (sk3wl of r00t) of the DEFCON Capture the Flag contest. He is a faculty member for the Institute for Applied Network Security. He has worked as a security consultant for the Internal Revenue Service (IRS) and for Logical Security, LLC. His interests include reverse engineering, vulnerability discovery, and all forms of ethical hacking. Allen is now the President and Founder of N2NetSecurity, Inc.
Early: Ends April 30 |
Regular: Ends Jun 15 |
Late: Ends Jul 29 |
Onsite: |
$2100 |
$2300 |
$2500 |
$2800 |