Hacking Courses

Heap Exploitation Training : A Comprehensive Guide From Basics To Advanced Techniques

This article delves into our comprehensive training program designed to teach you the intricacies of exploiting heap vulnerabilities in glibc.

Originally taught at prestigious conferences like DEFCON and CanSecWest, this program offers a mix of free videos, slides, and hands-on exercises to enhance your learning.

Whether you are a beginner looking to understand the basics of malloc and heap vulnerabilities or an experienced hacker seeking advanced techniques, our modular course structure is tailored to optimize your time and deepen your expertise in this complex subject matter.

Join us to master the art of heap exploitation and fortify your cybersecurity toolkit.

  • Heap exploitation training for glibc.
  • Taught at DEFCON, CanSecWest and many other conferences.
  • Contains free videos, slides and exercises.
    • Videos are made for modules 1-6. The next five are in progress!
  • Installation steps for docker and virtual machine are below.

Modules

There is a lot of content here. So, there are two ways to go through it:

  • Go through each of the modules as specified in the order below.
  • Do the first 5 then skip to 10 & 11.
    • Personally, I think this is the best bang-for-your-time if you’re time limited. But all of the content is fun and well-polished.

Whatever you do, do NOT skip the first two modules. These are the most important concepts in the entire course.

Introduction To Heap

  1. Course introduction
  2. Introduction to Malloc
  3. Heap Vulnerability Classes:
    • Double free
    • Use after free
    • Arbitrary Frees

Techniques

  1. Fd Poison:
    • Tcache
    • 2.32+ (pointer mangling)
  2. Unlink
  3. Overlapping chunks
  4. House of Force
  5. Unsorted Bin Attack && TCache Stashing Demo
  6. House of Spirit
  7. Mmap Chunks + House of Muney — not tested yet

Final Countdown

  1. Leaks
  2. HTTP Server (final challenge)

Unused

  • House of IO and New:
    • Pointer mangling and House IO. Fun challenges in there but not super relevant anymore.
  • House of Orange:
    • Out of date + the POC doesn’t work as you’d expect.

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Share
Published by
Varshini

Recent Posts

Xenon : A New Tool In The Mythic Framework

Xenon is a Windows agent designed for the Mythic framework, inspired by tools like Cobalt…

1 day ago

OSCP : Navigating The Essential Toolkit For Penetration Testing

The OSCP (Offensive Security Certified Professional) certification is a highly respected credential in the cybersecurity…

1 day ago

Famatech Advanced IP Scanner Or Advanced Port Scanner Usage

Famatech offers two powerful network management tools: Advanced IP Scanner and Advanced Port Scanner. Both…

1 day ago

ELF Loader And PS5-JAR-Loader : Tools For Enhanced Functionality

In the realm of PlayStation 5 (PS5) development, two significant tools have emerged to enhance…

1 day ago

C2IntelFeeds : Enhancing Cybersecurity With Threat Intelligence

C2IntelFeeds is a powerful tool designed to provide actionable threat intelligence to cybersecurity professionals. It…

1 day ago

goLAPS : The Ultimate Guide To Managing LAPS Passwords with Golang

goLAPS is a tool designed to interact with the Local Administrator Password Solution (LAPS) in…

2 days ago