Hacking Courses

Heap Exploitation Training : A Comprehensive Guide From Basics To Advanced Techniques

This article delves into our comprehensive training program designed to teach you the intricacies of exploiting heap vulnerabilities in glibc.

Originally taught at prestigious conferences like DEFCON and CanSecWest, this program offers a mix of free videos, slides, and hands-on exercises to enhance your learning.

Whether you are a beginner looking to understand the basics of malloc and heap vulnerabilities or an experienced hacker seeking advanced techniques, our modular course structure is tailored to optimize your time and deepen your expertise in this complex subject matter.

Join us to master the art of heap exploitation and fortify your cybersecurity toolkit.

  • Heap exploitation training for glibc.
  • Taught at DEFCON, CanSecWest and many other conferences.
  • Contains free videos, slides and exercises.
    • Videos are made for modules 1-6. The next five are in progress!
  • Installation steps for docker and virtual machine are below.

Modules

There is a lot of content here. So, there are two ways to go through it:

  • Go through each of the modules as specified in the order below.
  • Do the first 5 then skip to 10 & 11.
    • Personally, I think this is the best bang-for-your-time if you’re time limited. But all of the content is fun and well-polished.

Whatever you do, do NOT skip the first two modules. These are the most important concepts in the entire course.

Introduction To Heap

  1. Course introduction
  2. Introduction to Malloc
  3. Heap Vulnerability Classes:
    • Double free
    • Use after free
    • Arbitrary Frees

Techniques

  1. Fd Poison:
    • Tcache
    • 2.32+ (pointer mangling)
  2. Unlink
  3. Overlapping chunks
  4. House of Force
  5. Unsorted Bin Attack && TCache Stashing Demo
  6. House of Spirit
  7. Mmap Chunks + House of Muney — not tested yet

Final Countdown

  1. Leaks
  2. HTTP Server (final challenge)

Unused

  • House of IO and New:
    • Pointer mangling and House IO. Fun challenges in there but not super relevant anymore.
  • House of Orange:
    • Out of date + the POC doesn’t work as you’d expect.

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecurityinformationsecuritykalilinuxkalilinuxtools
1 month ago

Recent Posts

DarkCool : Unleashing Python’s Power In Cybersecurity

DarkCool is a comprehensive Python-based security tool designed to revolutionize the fields of penetration testing,…

1 hour ago

Bottom : Your Ultimate Guide To Mastering System Monitoring Across Platforms

"bottom" (btm) is a powerful, customizable, cross-platform graphical system and process monitor designed for terminal…

4 hours ago

OpenTelemetry Rust : A Comprehensive Guide For Instrumenting Rust Applications

OpenTelemetry Rust is an implementation of the OpenTelemetry framework tailored for the Rust programming language.…

4 hours ago

PoC : Understanding PoC Repositories For CVEs And Vulnerabilities

A Proof of Concept (PoC) repository is a valuable tool in the cybersecurity landscape, designed…

5 hours ago

TWEET-MACHINE (TM) : A Powerful Twitter OSINT Tool

TWEET-MACHINE (TM) is an innovative Open-Source Intelligence (OSINT) tool designed specifically for Twitter. It enables…

24 hours ago

Comprehensive Rust : Tools And Workflow

Comprehensive Rust is an open-source, multi-day Rust programming course developed by Google’s Android team. It…

24 hours ago