Binary Exploits with Python [Video]

More Information
  • Remove unwanted code such as the password or product key tests, and add Trojan code
  • Analyze simple Windows executable files and modify them using the Immunity Debugger
  • Write Python Scripts to perform exploits
  • Analyze simple Linux executable files and modify them using the gdb debugger

A penetration tester who only knows how to use tools written by others is limited to old techniques. Learning to develop your own exploits will make you much more powerful. Python is the favorite choice for penetration testers because it combines simplicity and ease of use with advanced features.

This video course starts with high-level code injection, the simplest sort of exploit. It then explains binary exploits that allow you to skip past unwanted code, such as the password or product key tests, and add Trojan code. You will perform the exploit development process: finding a vulnerability, analyzing a crash in a debugger, creating a crafted attack, and achieving remote code execution on Windows and Linux. You will use the gdb debugger to analyze Linux executables and Python code to exploit them. On Windows, you'll use the Immunity debugger and Python.

Style and Approach

This course uses a demonstration-and-challenge approach which guides students from passive observation to practical implementation of binary exploit at development techniques.

  • A comprehensive video tutorial which will get you up-and-running with code injection, the simplest sort of binary exploit
  • Find vulnerabilities, analyze a crash, create a crafted attack, and achieve remote code execution
  • Develop attacks that take a control of your server and examine the memory used by Linux programs
  • Exploit vulnerable services on Windows servers using memory corruption techniques
Course Length 2 hours 53 minutes
ISBN 9781788398343
Date Of Publication 19 Sep 2018


Sam Bowne

Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEFCON, HOPE, B-Sides SF, B-Sides LV, BayThreat, LayerOne, Toorcon, and many other schools and conferences. Credentials: PhD, CISSP, DEF CON Black-Badge Co-Winner