Description
A penetration tester who only knows how to use tools written by others is limited to old techniques. Learning to develop your own exploits will make you much more powerful. Python is the favorite choice for penetration testers because it combines simplicity and ease of use with advanced features. This video course starts with high-level code injection, the simplest sort of exploit. It then explains binary exploits that allow you to skip past unwanted code, such as the password or product key tests, and add Trojan code. You will perform the exploit development process: finding a vulnerability, analyzing a crash in a debugger, creating a crafted attack, and achieving remote code execution on Windows and Linux. You will use the gdb debugger to analyze Linux executables and Python code to exploit them. On Windows, you'll use the Immunity debugger and Python. About the AuthorSam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEFCON, HOPE, B-Sides SF, B-Sides LV, BayThreat, LayerOne, Toorcon, and many other schools and conferences. Credentials: PhD, CISSP, DEF CON Black-Badge Co-Winner
