This course provides a beginner friendly introduction to the world of exploit research and bug hunting! We spend over 6+ hrs of video time learning the basics of buffer overflows on 32-bit Windows and exploiting over 10+ real world and staged application to illustrate various concepts.
– Vivek Ramachandran
Founder, SecurityTube.net and Pentester Academy
1. What is the Exploiting Simple Buffer Overflows on Win32 course about?
As Pentesters, we’ve all used some of the awesome exploits that come packaged with tools like Metasploit but what does it really take to write your own? How do you start that journey? What background knowledge do you need? Which tools? Where do you begin? This course aims at answering all these questions and getting you started with writing your own exploits.
This course starts from the very basics of how to begin exploiting buffer overflows on 32-bit Windows. We focus on imparting the basic concepts, techniques and tools of the trade to the student. It is important to note that this introductory course will be looking at exploitation of buffer overflows in the absence of exploit mitigation techniques such as DEP and ASLR. We will be creating separate courses for these and offer them soon.
This course is meant for beginners and does not assume any prior knowledge of Exploitation Techniques, Debuggers, Disassembly etc. We will be teaching everything from the very basics.
2. Course Syllabus and Software Requirements
A non-exhaustive list of topics to be covered include:
- Course Introduction
- Stack basics
- Tampering with the Return Address
- Returning to Shellcode
- Overwriting the Stack – Local and Remote
- Using Patterns to Calculate Offsets
- Exploit to Meterpreter
- Understanding Bad Characters
- Finding Bad Characters
- JMP/CALL ESP Technique
- JMP/CALL EAX Technique
- Exploiting Echo Server v1/2/3
- Local Exploitation
- Remote Exploitation
- Real World Apps Examples
Software Requirements: You will require a Windows XP SP3 machine running within Virtualbox/VMware to follow this course.
3. Can I see some sample videos from the course?
The course is fully hands-on and you will be spending almost 90% of the time doing exercises with the instructor. The course starts from the very basics and slowly takes you to more complicated topics, making it ideal for self-paced learning. Below are a couple of sample videos from the course:
2. The Stack
The course contains over 6+ hours of Videos where the student will be doing exercises.
4. What do I get as a registered student?
A registered student will get the following:
- Over 6+ hours of HD Videos
- PDF Slides of the full course
- Course Exercise files – EXEs, Python scripts etc.
Please note that there is no student forum associated with this low-priced course.
5. What is the course duration? when does it start / stop ?
This course is completely self-paced, self-study course. There is no duration of the course or expiry period.
6. I am a student of Pentester Academy. Will this course be posted there?
We are already posting the videos of this course on Pentester Academy as they are being created.
7. Student Testimonials from our other courses
SecurityTube Certifications are currently taken by students from over 73+ countries around the world! Here is what our students have to say about us:
I found the SecurityTube Linux Assembly Expert course to be unique as it challenges the trainee to research and write implementations himself rather than just learning a book. This is also reflected by the exam which requires the user to go hands and which, in my opinion, tests the skills of the user a lot better than a multiple choice exam can. I also liked the fact there weren’t any time constraints on when to take the exam, which made it infinitely easier to plan in with regards to my job. The fact you also get a complete GDB course as an extra is a real bonus (Vivek wants to make sure you really know how to use your basic tools). The best part of the SLAE was the price, there are little other trainings of the same quality with the same price.– Lucas Kauffman
IT Security Advisor, Ernst & Young
SecurityTube and Vivek Ramachandran are making a significant contribution and impact in the field of Information Security Education. My experience completing SecurityTube Wireless Security Expert has been fun and highly satisfying. The SWSE Course content is of high-quality, hands-on & crystal-clear to understand. Vivek has the unique gift of transferring his knowledge seemingly casually yet very effectively. The technique of breaking topics into delicious small-chunks make them easy to absorb irrespective of the complexity of the subject.
After passing the SWSE, I am having fun doing SecurityTube Python Scripting Expert course!– Sarveshwar Rao
Sr. Security Product Manager, Alcatel-Lucent
Though I’ve been working with Python for automating security related tasks for almost two years now, this course enhanced my understanding of the language to new depths. I’ve already recommended the SecurityTube Python Scripting Expert to all my friends, as trainer gives very clear and interesting explanations during lectures and in attached PDF materials. But still, if you want to know the subject better, you constantly need to do a lot of research yourself. And this course does really help in that! 🙂– Andriy Brukhovetskyy
CyberSecurity Professional at S21secSpain
8. Why Choose SecurityTube Certifications?
Our Certifications are taken by students from over 73+ countries and are Globally recognized. The Flags in the image to the left are countries from where our students belong. In addition, SecurityTube Certifications provide:
- High Quality Content at an Affordable Cost
- The most Comprehensive Course Coverage in the Industry
- Uses Open Content for Course Evaluation
- Concept Oriented, Practical Content rather than only Theory
9. Course Instructor
Vivek Ramachandran is the Founder and Chief Trainer at SecurityTube.net. He discovered the Caffe Latte attack, broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon and conceptualized enterprise Wi-Fi Backdoors. He is also the author of the book “Backtrack 5 Wireless Penetration Testing“.
Vivek currently runs the SecurityTube Wi-Fi Security Expert (SWSE), the SecurityTube Metasploit Framework Expert (SMFE), SecurityTube Python Scripting Expert (SPSE) and the SecurityTube iOS Security Expert (SISE) online course and certifications which is currently being taken by students from over 73+ countries around the world. He also conducts in-person trainings in the US, Europe and Asia.
In a past life, he was one of the programmers of the 802.1x protocol and Port Security in Cisco’s 6500 Catalyst series of switches. He was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. He has also published multiple research papers in the field of DDoS, ARP Spoofing Detection and Anomaly based Intrusion Detection Systems.
Vivek’s work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. He has spoken/trained at top conferences around the world including Blackhat USA and Abu Dhabi, Defcon, Hacktivity, Brucon, ClubHack, SecurityByte, SecurityZone, Nullcon, C0C0n etc.
10. Course Enrollment and Payment
Please submit the Paypal powered form below to make a payment to “Binary Security Innovative Solutions Pvt. Ltd.“, the parent company of SecurityTube to enroll for the course. You will receive a confirmation email from our team within 1 Working Day of your payment.
If you cannot use Paypal, please drop us an email at feedback  binarysecuritysolutions.com for alternate options for payment.
11. Contact Us
We have compiled a FAQ below:
1. What is the course duration? when does it start / stop ?
The course is completely self paced. There is no duration of the course or expiry period. You can download all the course material from the students portal and watch at your own convenience.
2. What is your Refund Policy?
A: Once a course is purchased, no refund is possible. Our goods are digital (course videos, PDF copy of course slides) and once a student has downloaded them, he has full access to our copyrighted material. We would recommend you have a look at the FREE videos we have given out to access the quality of our course material and instructors before making a decision.
Please use the form below if you have any additional questions not answered by this page and we will get back to your ASAP: