Building Your Open Source Intelligence Capabilities Date: 7 Nov 2018 (Wed)Time: 09:30 -...
"Hong Kong Towards Faster Payment" Conference (16 Oct 2018) Date: 16 October 2018, TuesdayTime:...
Certified Cloud Security Professional (CCSP®) certification Date: 8-12 Oct, 2018Time: 9:00am -...
Date : Feb 20, 2016
Time : 10am-5pm (one hour lunch time included)
Venue : Room ADC301, HKU SPACE Admiralty Learning Centre
Language : Mandarin
Registration : http://goo.gl/pwomCM (PISA member only)
** Equipment : You should bring your notebook with VM player installed and you should have a full administrative privilege login to perform the exercise in the workshop
Speaker : Orange Tsai, Security Consultant of DEVCORE, member of CHROOT/HITCON, Speaker of HITCON/AVTokyo/WooYun, DEFCON CTF Runner-up, discovered vulnerabilities and reported to Microsoft, Django, Yahoo, Facebook and Google. Orange is specialize in hacking methodology, web security and penetration testing
Topic : Deep dive of Exploit Writing
Exploit Writing Introduction and Prerequisite
- Binary Execution
- ccl (C compiler)
- ld (linker)
- Simple ELF (Executable and Linkable Format) Structure
- Calling Convention
- Call Stack
- Static/Dynamic Analysis & Tools
- Memory Based Attack
Hands on workshop
- How to writing Exploit
- introduction of different kind of Attack
-- Stack Buffer Overflow
-- Format String (optional)
-- Shellcode Writing
-- Stack Canary
-- DynELF leak libc base
Six CPE can be claimed for the (ISC2) Credential Holder.