O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Reverse Engineering and Exploit Development

Video Description

In this Reverse Engineering and Exploit Development training course, expert author Philip Polstra will teach you about common software vulnerabilities and how to find them, as well as how the vulnerabilities differ between various operating systems. This course is designed for beginners who are looking to get started in security, penetration testing, and reverse engineering.

You will start by learning about reversing compiled Windows applications, including using fuzzing, stack overflows, and heap overflows. From there, Philip will teach you how to reverse compiled OS X, Linux, and Android applications. This video tutorial also covers how to find other vulnerabilities, including website and database vulnerabilities. Finally, you will learn about simple exploits, web exploitation, and ARM exploitation.

Once you have completed this computer based training course, you will be fully capable of finding vulnerabilities and developing exploits for them. Working files are included, allowing you to follow along with the author throughout the lessons.

Table of Contents

  1. Getting Started
    1. Introduction To Reversing 00:07:20
    2. About The Author 00:03:28
    3. Ethical Considerations 00:01:57
    4. Reversing Tools - Part 1 00:05:35
    5. Reversing Tools - Part 2 00:04:32
    6. Reversing Tools - Part 3 00:03:10
    7. Reversing Tools - Part 4 00:03:34
    8. Reversing Tools - Part 5 00:04:42
    9. Reversing Tools - Part 6 00:04:35
  2. Reversing Compiled Windows Applications
    1. Vulnerabilities - Part 1 00:05:27
    2. Vulnerabilities - Part 2 00:05:43
    3. Vulnerabilities - Part 3 00:04:22
    4. Using Fuzzing - Part 1 00:05:41
    5. Using Fuzzing - Part 2 00:05:52
    6. Using Fuzzing - Part 3 00:06:53
    7. Using Fuzzing - Part 4 00:06:22
    8. Just Enough Assembly - Part 1 00:06:56
    9. Just Enough Assembly - Part 2 00:06:56
    10. Just Enough Assembly - Part 3 00:03:52
    11. Stack Overflows - Part 1 00:06:08
    12. Stack Overflows - Part 2 00:06:09
    13. Stack Overflows - Part 3 00:07:57
    14. Heap Overflows - Part 1 00:04:47
    15. Heap Overflows - Part 2 00:05:50
    16. Heap Overflows - Part 3 00:03:12
    17. Heap Overflows - Part 4 00:05:42
    18. Format String Bugs - Part 1 00:06:43
    19. Format String Bugs - Part 2 00:07:26
    20. Format String Bugs - Part 3 00:07:03
    21. Format String Bugs - Part 4 00:04:14
    22. Section Overflows 00:06:49
    23. Windows Kernel Flaws 00:03:33
    24. Decompilers 00:06:53
    25. Automation - Part 1 00:05:53
    26. Automation - Part 2 00:05:47
  3. Reversing Compiled OS X Applications
    1. Where Are The Vulnerabilities? 00:02:28
    2. Locating Stack Overflows 00:03:32
    3. Heap Overflows 00:06:06
  4. Reversing Compiled Linux Applications
    1. Where Are The Vulnerabilities? 00:05:04
    2. Linux Stack Overflows - Part 1 00:04:31
    3. Linux Stack Overflows - Part 2 00:06:58
    4. Linux Stack Overflows - Part 3 00:06:23
    5. Linux Stack Overflows - Part 4 00:05:56
    6. Linux Stack Overflows - Part 5 00:07:06
    7. Linux Heap Overflows - Part 1 00:05:26
    8. Linux Heap Overflows - Part 2 00:06:48
    9. Linux Heap Overflows - Part 3 00:05:46
    10. Linux Heap Overflows - Part 4 00:05:05
    11. Linux Kernel Flaws - Part 1 00:05:37
    12. Linux Kernel Flaws - Part 2 00:02:45
  5. Reversing Android Applications
    1. Introduction To Android And ARM 00:04:48
    2. Android Applications 00:03:26
  6. Finding Other Vulnerabilities
    1. Web Site Vulnerabilities 00:05:41
    2. Database Vulnerabilities 00:05:05
  7. Simple Exploits
    1. Going From Vulnerability To Exploit 00:02:49
    2. A Simple Exploit Script 00:05:50
    3. Creating A Metasploit Module For An Exploit - Part 1 00:04:41
    4. Creating A Metasploit Module For An Exploit - Part 2 00:06:38
    5. Creating A Metasploit Module For An Exploit - Part 3 00:07:14
  8. Exploit Payloads
    1. Shellcode - Part 1 00:05:54
    2. Shellcode - Part 2 00:04:58
    3. Shellcode - Part 3 00:07:06
    4. Shellcode - Part 4 00:03:48
  9. Making Exploits Harder To Detect
    1. Encoding Shellcode - Part 1 00:05:16
    2. Encoding Shellcode - Part 2 00:06:03
  10. Web Exploitation
    1. Web Exploits In Metasploit 00:04:30
  11. ARM Exploitation
    1. Android Exploits In Metasploit 00:03:46
  12. Future Directions
    1. Wrap Up And Suggestions For Further Study 00:05:52