@SkyBulk
Last active June 17, 2020 21:47
Software security under x86, x64, zero day attacks course, Windows 10 x64

This Course Is Under Development skybulkctf@gmail.com

  • [Fundamentals]

    • [What is a Vulnerability?]
    • [What is a PoC (Proof of Concept)?]
    • [What is an Exploit?]
    • [What is a Zero Day Exploit?]
  • [Intro to Assembly]

    • [Data Types and Basic Operations]
      • [Signed and Unsigned Integers]
    • [How Are Data Stored in Memory?]
    • [Common Instructions]
      • [Jmp]
      • [Cmp]
      • [Call]
      • [Mov]
    • [Type Conversion]
    • [Control Flow Transfer]
    • [Registers]
      • [What Are They?]
    • [Memory Layout]
      • [Stack]
      • [Heap]
      • [Data Segment]
      • [Text]
  • [Intro to Reversing]

    • [Introduction]
    • [Determine File Format]
    • [IDA: Basics: Intro]
      • [How to Attach a File]
      • [Starting out]
    • [IDA: Basic Blocks]
      • [What Are They?]
    • [IDA: Cross References]
      • [Finding the Main Function]
    • [IDA: Stack Frame View]
  • [Intro to Software Vulnerabilities]

    • [Software Vulnerabilities]
      • [CWE-121 Stack-based Buffer Overflow]
      • [CWE-190: Integer Overflow or Wraparound]
      • [CWE-122: Heap-based Buffer Overflow]
      • [CWE-416 Use After Free]
    • [Techniques to Secure Code Review]
      • [Regular Expressions]
      • [Automating Vulnerability Analysis Using IDAPython]
  • [Intro to Debugging]

    • [Introduction]
      • [What is a Debugger?]
      • [How the Debugger Works]
      • [Install WinDbg & Setting up the symbols]
    • [Debugger Basics]
      • [Checking the Loaded Modules]
      • [Searching in the memory]
      • [Breakpoints]
      • [Unassemble instructions]
      • [Inspecting the Memory]
    • [Solving Real Life Problems]
      • [Stack Overflow Case]
  • [Fuzzing]

    • [What is Fuzzing?]
    • [Type of Fuzzers]
    • [Mutation-based]
      • [Objectives]
      • [Dumb Fuzzing]
      • [Example]
    • [Generation-based]
      • [Objective]
      • [Introduction to XML]
      • [Generation Fuzzing]
      • [Example]
  • [Intro to Writing Exploits]

  • [Introduction]
    • [preparation stage]
  • [Vulnerability Exploitation]
    • [Replicating the Vulnerability]
    • [Controlling EIP / SEH Handler]
    • [Locating Space for Your Shellcode]
    • [Checking for Bad Characters]
    • [Hijacking Execution]
    • [Common Instructions]
    • [Exploiting the Vulnerability (demo)]
  • [SEH Overwrites]

    • [Introduction]
      • [What is Structured Exception Handling and How It Works?]
      • [What is TEB?]
        • [TEB Overall Structure]
      • [What is TIB?]
        • [TIB Structure]
    • [SEH Chain]
      • [Observing the SEH Chain]
    • [Why Do I Need Pop Pop Ret?]
    • [Exploiting SEH Under x86 Process]
      • [Finding POP POP RET gadgets]
      • [Exploiting the Vulnerability (Demo)]
  • [Logical bugs]

    • Getting Started
      • [What is a Logical Error?]
      • [What is an Integer Overflow?]
      • [Integer Overflow vulnerability (stack-based)]
    • Exploiting an integer overflow
      • [Identifying the core problem]
      • [Triggering the vulnerability]
      • [Defeating Stack Guard]
      • [Fixing Offsets]
      • [Arbitrary code execution]

What's next?

  • ASLR (various techniques to leak)
  • DEP (various techniques)
  • heap overflow
  • UAF