August 26, 2016

Exploitation 103

This lecture has several walkthroughs and demos of modern binary exploitation techniques for heap and format string vulnerabilities. For heap exploitation we examine classic heap buffer overflow exploitation (e.g. unlink_macro targeting), discuss modern heap buffer overflow exploitation with safe-unlink bypassing and other techniques, and cover heap spraying and use-after-free exploitation. We have two examples of format string exploitation, demonstrating different techniques. Finally, we discuss the cornerstone of defenses against modern binary exploitation: exploit mitigations like stack cookies, Data Execution Prevention (DEP), No Execute (NX), Address Space Layout Randomization (ASLR), and more, and of course how each exploit mitigation is bypassed. Slides for this lecture begin on slide 56. At this time, students are expected to have completed Homework 4, assigned in Lecture 08: Reverse Engineering x86 102.

[ Slides ] [ Discussion ]

Interested in having your homework graded? Contact us to learn about grading options. The release schedule for this course is available here.

August 24, 2016

Exploitation 102

This lecture walks through the basics of x86 shellcode and payload development for Linux environments. Here we detail many important nuances of payload development: creating and managing strings, dealing with null bytes, position independence, and creating self-modifying (polymorphic) payloads.

OCS 2.0 Lecture 13 - Exploitation 102 from Jason Reynolds on Vimeo.

[ Slides ] [ Discussion ]


August 23, 2016

Exploitation 101

This is the beginning of the exploit development lectures. The fundamentals of processor architecture relevant to modern binary exploitation are covered. The stack is reviewed, and simple buffer overflows are explained.

OCS 2.0 Lecture 12 - Exploitation 101 from Jason Reynolds on Vimeo.

[ Homework ] [ Slides ] [ Discussion ]


August 19, 2016

Fuzzing 102

This lecture explains advanced techniques for vulnerability research, bug hunting, and crash analysis. Topics covered are taint analysis, dynamic taint analysis, code paths and the classic explosion problem, symbolic and intermediate representations, symbolic execution, and modern vulnerability hunting systems that offer hybrid approaches. At this time, students are expected to have completed Homework 3, assigned in Lecture 6.

OCS 2.0 Lecture 11 - Fuzzing 102 from Jason Reynolds on Vimeo.

[ Homework ] [ Slides ] [ Discussion ]


August 17, 2016

Offensive Computer Security 2.0 : Midterm Review

This is a study review for students for the upcoming midterm exam. To get exams or premium services, please contact us.

[ Discussion ] [ Slides ]


August 15, 2016

Fuzzing 101

This lecture covers fuzzing techniques for SDL, VR, 0-day hunting, and other applications. We discuss nuances and realities of bug hunting, testing, and bug fixing. Mutational, generational (aka model-based), and differential fuzzing are covered. Computer science theory is discussed in relation to computational and algorithmic limits on fuzzing. Test harness development and modification are discussed. Crash analysis is covered in depth, and finally demonstrations of tools like the American Fuzzy Lop (AFL) fuzzer and lcov are presented.

OCS 2.0 Lecture 09 - Fuzzing 101 from Jason Reynolds on Vimeo.

[ Slides ] [ Discussion ]


August 12, 2016

Reverse Engineering x86 102

Day two of our two-day reverse engineering workshop, exposing students to x86 reverse engineering with IDA and CFF Explorer. The slides for this lecture begin on slide #81.

OCS 2.0 Lecture 08 - Reverse Engineering 102 from Jason Reynolds on Vimeo.

[ Slides ] [ Homework ] [ Discussion Thread ] [Lecture Exercise Files]


August 10, 2016

Reverse Engineering x86 101

Day one of our two-day reverse engineering workshop, exposing students to x86 reverse engineering with IDA and CFF Explorer. At this time, students are expected to have completed homework 2, assigned at the end of lecture 3.

OCS 2.0 Lecture 08 - Reverse Engineering 102 from Jason Reynolds on Vimeo.

[ Slides ] [ Discussion Thread ] [Lecture Exercise Files]


August 8, 2016

Rootkit Design and Infection Techniques

This lecture covers rootkit design and techniques for Windows and Linux. A popular open-source rootkit case study is analyzed.

OCS 2.0 Lecture 06b - Rootkits from Jason Reynolds on Vimeo.

[ Slides ] [ Discussion Thread ]


August 5, 2016

Windows OS Overview in OCS 2.0

This lecture provides an overview of the registry and registry hives, persistence mechanisms used by malware, the Portable Executable (PE) file format, Windows system calls commonly used by malware, and the Windows Application Programming Interface (API).

OCS 2.0 Lecture_06 - Windows_Overview from Jason Reynolds on Vimeo.

[ Slides ] [ Homework ] [ Discussion Thread ]


August 3, 2016

Linux and the Permissions Spectrum

This lecture includes a technical overview of Linux operating system basics, and an introduction to vulnerability research topics and the permissions spectrum. At this time, students are expected to have finished the exercises presented in homework 1, which was assigned in the first lecture.

OCS 2.0 Lecture 05 - Linux and Permissions Spectrum from Jason Reynolds on Vimeo.

[ Slides ] [ Discussion Thread ]


August 1, 2016

Code Auditing in OCS 2.0

This lecture covers the fundamentals of auditing C/C++ source code for vulnerabilities, as well as the standard bug enumerations of CVE and CWE. Several exercises and examples are presented.

OCS 2.0 Lecture_04 - Code_Auditing from Jason Reynolds on Vimeo.

[ Slides ] [ Discussion Thread ]
