Overview
Orchidseven Advanced 0-day Exploit Development program focuses on how develop custom exploits for homegrown software applications and newly discovered flaws in widespread commercial software. In the program, candidates will analyze a real world application, find vulnerabilities and create a custom exploit to compromise it.
Objectives
- Analyzing applications
- Writing your own custom exploits
- Extending capabilities with Metasploit
Duration
16 hours (2 days)
Pre-requisites
Requisites: Good knowledge of Assembly Language, Software development experience and knowledge of Reverse Engineering.
Course outline: A0D v1.0
The program covers the following domains:
Day 1:
- Exploit Development Basics
- Approach
- Target Selection
- Analysis for Vulnerability
- Choosing platfom for coding
- Payload basics
- Network and protocol code
- Anatomy of an exploit
Day 2:
- Hands-on lab – analysis of a sample commercial application
- Finding vulnerability for our exploit
- Paylaod / shell
- Exploit coding and Payload challenges
- Exploit Frameworks
- Extending capabilities with exploit frameworks
- Coding our exploit
- Next steps – Research approach
Certification
A0D Certification requires clearing a lab exam