Writing Stackbased overflows for Windows

Part I – Basic Concepts
Part II – Windows Assembly for writing Exploits
Part III – Stack Overflows
Part IV – Shell Code Creation and Exploiting An Application Remotely
Appendix V – Source Code Used In Articles

The articles released this week introduce basic concepts of of memory management, and assembly. Next week the next two articles will be released.

The articles also have a Mini Exercise section, the solutions for which will be provided on November 20th. If you would like us to put your solution in, please send us an email at articles[a-t]securitycompass.com with the subject solution in it. The best solution shall be published as a link here.

Exploiting And Defending Networks: This presentation talks about taking advantage of an application and gaining “Enterprise Administrative Access” to an internal Windows 2003 network behind a firewall. It uses traditional techniques which are still valid on windows 2003 environment.

Exploiting And Defending Web Applications: This presentation talks about taking advantage of improper authentication, authorization, input validation and lost password to gain access to an application and gaining privileged access on a system behind a firewall.

Analyzing Code for Security Defects:
This presentation talks about a different technique (from Microsoft) in assigning value to risk when performing threat analysis. Once the threat has been determined it talks about how to perform a focused code review on a large code base. It also covers some basic problems that are typically found when performing code review in C/C++.


About wikihead

A Seeker. Information Security Professional, Pursuing Life with Ayurveda.
This entry was posted in Articles, security and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s