Jump to content
zixkhalid

SANS SEC760 Videos

Recommended Posts

honestly, and i am sorry for saying this, this is not an advanced course. it teaches the basics of modern exploitation, it is not aimed towards people who know programming(which means they don't actually teach the inner windows things), and it is barely the basics. for instance they teach basic heap spraying after like 100 pages in the heap section, and it doesn't go beyond the very basics of how to write a basic for loop(they don't teach you how to fuzz javascript engines or browsers, typical vulnerability classes, inner engines and their weaknesses, escaping from a sandboxed environment and such), same goes for the kernel module and similar. worst thing - they don't even teach how to bypass modern mitigations.

this is really not an advanced course, it should be called sans 664 or something, and they should really invent a course dedicated to people who want to learn modern exploitation, to bypass modern mitigations, to learn about different architectures and their inner weaknesses, teach hooking or new ways of manipulating the kernel(handles, irps, abusing devices and similar).  they should do a course for people who are not afraid of programming.

basically, if you want to learn the course in a fast way and not go through like 1000 pages: learn basic heap/kernel structures(peb/teb/eprocess/ethread and many others), learn about low fragment heap, learn about basic kernel programming and how to communicate with devices from userland - then study writeups of hevd(highly vulnerable kernel driver).
other important skills: know ida/windbg, basic patch diffing and read a lot of articles by professionals you may find in the internet. if you can watch videos of people doing stuff(not explaining the theory which is nonsense to me) - you can learn way more.

basically, you can google everything you'd like to know and you might be lucky enough to find results by some good developers who teach their experience and most importantly - tips on how to overcome mitigations or failures.

good luck, and if you have good information or courses, please share here as well.

and no, i don't have the videos nor i care for them.

  • Like 2

Share this post


Link to post
Share on other sites
11 hours ago, tester1337 said:

honestly, and i am sorry for saying this, this is not an advanced course. it teaches the basics of modern exploitation, it is not aimed towards people who know programming(which means they don't actually teach the inner windows things), and it is barely the basics. for instance they teach basic heap spraying after like 100 pages in the heap section, and it doesn't go beyond the very basics of how to write a basic for loop(they don't teach you how to fuzz javascript engines or browsers, typical vulnerability classes, inner engines and their weaknesses, escaping from a sandboxed environment and such), same goes for the kernel module and similar. worst thing - they don't even teach how to bypass modern mitigations.

this is really not an advanced course, it should be called sans 664 or something, and they should really invent a course dedicated to people who want to learn modern exploitation, to bypass modern mitigations, to learn about different architectures and their inner weaknesses, teach hooking or new ways of manipulating the kernel(handles, irps, abusing devices and similar).  they should do a course for people who are not afraid of programming.

basically, if you want to learn the course in a fast way and not go through like 1000 pages: learn basic heap/kernel structures(peb/teb/eprocess/ethread and many others), learn about low fragment heap, learn about basic kernel programming and how to communicate with devices from userland - then study writeups of hevd(highly vulnerable kernel driver).
other important skills: know ida/windbg, basic patch diffing and read a lot of articles by professionals you may find in the internet. if you can watch videos of people doing stuff(not explaining the theory which is nonsense to me) - you can learn way more.

basically, you can google everything you'd like to know and you might be lucky enough to find results by some good developers who teach their experience and most importantly - tips on how to overcome mitigations or failures.

good luck, and if you have good information or courses, please share here as well.

and no, i don't have the videos nor i care for them.

I kind of agree. I'm doing 660 right now and all the content is basically ripped from a college networking + os textbook. Pretty much every exploit was talked about it in the textbook I read in school (but they gave you the scripts to actually do it).

They don't go in any detail on the implementation and it seems more geared towards non-developers. 

Share this post


Link to post
Share on other sites

I agree as well I have taken 660/760 and 99% is stolen from books you would have better knowledge reading books and here is the books I found that they are using in 760 

IDA pro book v2 

the gray hat python 

the art of exploitation

A Bug Hunter's Diary

Hidden Content

    Give reaction to this post to see the hidden content.

 

you will be more knowledgeable if you read the above books and tutorials, other than that you can read 1000page just to know 1% left which 

  • Like 35
  • Thanks 6
  • Confused 1

Share this post


Link to post
Share on other sites
On 10/20/2020 at 11:02 PM, zixkhalid said:

I agree as well I have taken 660/760 and 99% is stolen from books you would have better knowledge reading books and here is the books I found that they are using in 760 

IDA pro book v2 

the gray hat python 

the art of exploitation

A Bug Hunter's Diary

Hidden Content

    Give reaction to this post to see the hidden content.

 

you will be more knowledgeable if you read the above books and tutorials, other than that you can read 1000page just to know 1% left which 

can you share 760 PDF pls ?

  • Like 11
  • Thanks 3
  • Haha 1
  • Sad 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...