tester1337

ptrace - advanced software exploitation or similar advanced courses

hey people, i am looking for p-trace advanced exploitation course or any other advanced exploitation courses that don't deal with basic overflows or basic heap (lfh or linux/arm, not older stuff).
windows/linux/arm is preferred.

what i mean is courses that don't aim to teach the basics (even though they call themselves advanced, like 760), that actually give tactics and tricks to exploit modern software and don't teach the basics, but deal with exploitation tricks and tactics, code reviews, efficient primitive location and such (so not xds (which is the best course to teach the basics, in my opinion better than corelan) or 660/760 (xds doesn't teach heap or drivers, but if they were, like everything elearnsecurity does - it would've been way better and more comprehensive than anyone else)).

examples of courses i am looking for are: ret2 browser, ptrace advanced, windows advanced driver exploitation, awe (though it probably won't be shared anytime soon sadly), and similar courses for linux kernel or arm64.

it can help many of us who cannot afford those expensive materials but can use the knowledge for good to make the world safer.

thank you very much.

note: i asked those courses because i was told some of them were already being shared, and i know that for sure some people trade those.


didn't know ptrace is so old. the curriculum looked good. do you have any idea or experience about mosse school exploitation path? (the curriculum looks really awesome):

Hidden Content


  • Like 32
  • Thanks 8

9 hours ago, betweengap said:

ptrace advanced software exploitation is very old; there is one type confusion in java runtime and an info leak in firefox (vulns are around 2010-2011)

as for driver/kernel exploitation, you probably can learn a lot by reading HEVD write-ups; patch diffing is also a good way to spot vulns;

I'm in a very similar situation to you (lack of modern public exploitation documents/tutorials); the only way I know is to read AWE prep guides[1][2] and practice based on them;

the other option is to look for logical vulns[3]. they are way, way easier to understand and find;

you can DM me and we will talk about it more; sharing useful links/tutorials/documents and ...

[1]:

Hidden Content

[2]:

Hidden Content

[3]:

Hidden Content


Hi, I cannot DM you, so can we talk on Tele? My Tele: @bukawjs. Always happy to hear from you. Thanks in advance.

  • Like 11
  • Thanks 1
