What Do You Need To Know About SANS SEC760: Advanced Exploit Development for Penetration Testers?
46Vulnerabilities in modern operating systems such as Microsoft Windows 7/8, Server 2012, and the latest Linux distributions are often very complex and subtle. Yet, when exploited by very skilled attackers, these vulnerabilities can undermine an organization's defenses and expose it to significant damage. Few security professionals have the skillset to discover, let alone even understand at a fundamental level, why the vulnerability exists and how to write an exploit to compromise it. Conversely, attackers must maintain this skillset regardless of the increased complexity. SANS SEC760: Advanced Exploit Development for Penetration Testers teaches the skills required to reverse-engineer 32-bit and 64-bit applications, perform remote user application and kernel debugging, analyze patches for 1-day exploits, and write complex exploit, such as use-after-free attacks against modern software and operating systems.
You Will Learn:
- How to write modern exploits against the Windows 7/8/10 operating systems
- How to perform complex attacks such as use-after-free, kernel exploit techniques, one-day exploitation through patch analysis, and other advanced topics.
- The importance of utilizing a Security Development Lifecycle (SDL) or Secure SDLC, along with Threat Modeling.
- How to effectively utilize various debuggers and plug-ins to improve vulnerability research and speed.
- How to deal with modern exploit mitigation controls aimed at thwarting success and defeating determination.
Want to learn more about this course? Have a look at sans.org/course/advanced-exploit-development-penetration-testers
James Shewmaker authored and maintains SANS SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking. He also led the development of NetWars in 2009. James regularly teaches a slew of SANS Pen Test courses, including SEC760.