ashemery / Exploitation Course

Offensive Software Exploitation Course

Offensive Software Exploitation (OSE) Course

This repository is for the Offensive Software Exploitation Course I am teaching at Champlain College and currently doing it for free online (check the YouTube channel for the recordings). Most of the slide notes I used are already shared on HTID Course, but the labs were fully created by myself. I used publicly available resources and software to explain each of the weaknesses covered, so there is nothing here that you cannot find online.


Vulnerable Software

The vulnerable software I used is also online and can be found at Exploit-db. I also used Stephen Bradshaw's VulnServer, plus maybe some other simple code that I prepared. Please check each lab for the software used in that specific lab and from where to download it.


Tool(s) Required

All of the tools used are free and could be downloaded from the URLs below.


Target(s) Used

  • Download a Windows 10 VM from Microsoft VMs (currently using Version 1809 Build 17763.1339) here. This will be used for most of the labs; for the EggHunter lab, I used a Windows 7 VM, also from Microsoft VMs (currently offline so check archive.org).
  • All the targeted software is Intel/AMD 32-bit unless otherwise instructed.

Table of Contents:

The topics that will be covered in this course are:

  1. The Basics (PE Format, DLLs, etc)
  2. Bug Hunting and Fuzzing
  3. Intro. to Memory Corruption and Buffer Overflows
  4. Metasploit
  5. Mitigation Techniques
  6. SEH and Jumping Strategies
  7. Egghunter
  8. Return Oriented Programming (ROP)
  9. Post Exploitation
  10. Manual Code Injection
  11. Intro. to Assembly x86 and x64 (please check update #3 for this part)
  12. Reverse Engineering (please check update #3 for this part)

Video Recordings:


Useful Resources:


Update(s):

  • [1] On Aug. 6th, 2020 both eLearnSecurity and INE decided to sponsor the English version of the course and therefore will be recording an English version too.
  • [2] Nov. 10th, 2020: will sponsor it myself, since I left working for eLearnSecurity.
  • [3] Nov. 30th, 2020: this course will be taught next semester (Spring 2021) at Champlain College, with a slight difference, the Reverse Engineering section.

Credits:

Thanks to everyone who shared their work online, without them this course would not have happened!