SI Secure
SI Secure
IndustriesServicesProductsCompanyLibrary
Products | TeamProfessor


Exploiting Buffer Overflows

Try Course Download
Course Curriculum or Data Sheet		 Contact
+1.978.694.1008 x1 or Web form

This course provides you with all the required information to help you understand and mitigate buffer-overflow exploits. It first introduces the concepts necessary to recognize the threats posed by these exploits and to comprehend the mechanisms behind exploitation of stack-based and heap-based buffer overflows. The course then delves into the different challenges faced by exploit code and how different exploitation techniques overcome environmental limitations. 

Upon completion of this course, you will also be able to:

  • Recognize the threats posed by exploitation of vulnerable programs

  • Describe how buffer-overflow vulnerabilities are exploited

  • Outline the challenges faced by exploit code during execution

  • Describe common exploitation techniques

  • Describe common exploit payloads

  • Outline common exploitation tools

  • Use existing mitigations to defend against exploitation

 MODULES

Recognizing the Threats Posed by Exploitation
Buffer overflows are one of the most commonly known types of security vulnerabilities. While they can be easily remediated, past events have shown that they have often been overlooked and widely exploited. In order to successfully mitigate buffer-overflow vulnerabilities it is important for you to understand what exploitation is, why it occurs, and what its consequences to overall application and system security are.

This module will help you understand buffer overflow exploitation and will provide you with the necessary information to identify the risks posed by exploitation.
 

Exploitation Techniques
Exploitation techniques vary in complexity, from simple attacks that spawn processes to complex, multi-stage attacks. This module describes various aspects of the development of exploit code, such as common exploitation techniques, typical exploit payloads, and exploitation frameworks. It also provides you with an overview of the practices employed by exploit code to overcome operating system and application defenses.
 

Mitigating Exploitation
This module describes techniques aimed at avoiding and mitigating exploitation of buffer overflows, including built-in mechanisms in the Windows family of operating systems whose purpose is to make it difficult to exploit a buffer overflow. In addition, you will be provided with a list of additional resources on exploitation, which will enable you to keep up to date with the latest advancements and countermeasures in the field.


After completing this module you will be able to use existing mitigations to defend against exploitation, including:

  • address space layout randomization

  • the /GS compiler flag

  • data execution prevention
Assessment
Participants will complete various self-test questions throughout the course
   
Visit our online Training Center to sample this course for free

 

For more information,  please contact us at +1.978.694.1008 x1 or by web form

 

back to the top of the page