• Stars
    star
    109
  • Rank 319,077 (Top 7 %)
  • Language
  • License
    GNU Affero Genera...
  • Created almost 5 years ago
  • Updated 3 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

x64 Windows Exploit Development

!!! Course Coming Soon.

Stay up-to-date by following me on Twitter.

Get Started: 0x000 - Introduction

Support me on Patreon!

Why Learn Exploit Development?

Exploit development is a field comprised of a very small amount of dedicated individuals (plenty of hobbyists though). You probably won't get a job doing exploit development in the normal world, you'll probably have to join a government or do it as a hobby. Exploit development teaches you how software breaks, so if you want to be a software security researcher this is a great skill to have! It teaches you how software is exploited so threat analysts or defensive engineers could find this stuff helpful.

  • Is it legal?

It depends. DISCLAIMER: I'M NOT A LAWYER, I MAY BE WRONG ABOUT THIS. In the U.S. you are allowed to reverse engineer software for research purposes. As an exploit developer, while we might call it research, no one else will. To be clear, I want to separate exploit development and security research. If you are doing security research (finding vulnerabilities and reporting them to the company so they can get fixed) then you are fine. Writing an exploit for a vulnerability, a.k.a. exploit development, is... well let's just say you won't be explaining yourself out of a legal battle if you find yourself in a court room.

  • Why Teach It?

"With great power comes great responsibility". Exploit development is a fantastic skill to have, but you have to be very careful with how you use that skill. Those who posses the skill will be better than those who don't, however they will have a greater burden of evil to control. Also, it's pretty fun.

What We'll Do/Learn:

As of now I only plan on teaching basic C++ memory and process concepts (such as reading and writing to memory, both data and code). Those concepts may not completely relate to exploit development, but it will serve as a good starting point. From there we will move into "real" exploit development.

Why I Made This Course

I wanted to learn exploit development for a very long time. Anytime I would go look for a guide/course I wouldn't find much. I would be told to go take X course or read X book that was 10+ years old. Sure, a significant amount of that stuff is still important, but there's so much more. Also, exploiting a buffer overflow on x86 Linux with all of the protections disabled is much different than exploiting a buffer overflow on a modern x64 Windows machine with all protections enabled. And I understand that starting off on that Linux box was a good and easy place to start, but that's the thing, that's also where the tutorials/guides would usually end. I'm here to provide anyone a place to learn exploit development for modern x64 windows.

Contact/Stay Updated:

Follow me on Twitter @0xZ0F!
Discord Server: TODO
Become a Patreon supporter!

Please give me any and all honest feedback you have. Don't worry about hurting my feelings, I want to make this course as good as I can. I can't do that alone, that's why your feedback is so important.

The best way to stay up-to-date is to support me on Patreon which will give you access to the Patreon-only feed. The feed includes the latest updates, upcoming updates, and more.

Table Of Contents: