PISA Security JAM 2019 x CSA (25 May 2019)

PISA Security JAM 2019 x CSA (25 May 2019)

PISA Security JAM 2019 x CSA Date: 25-May (Sat)Time: 9:30am - 5:00pmVenue: City University of...

Supporting Event: Sustainability & Smarf Retailing Summit 2019 (20 Jun 2019)

Supporting Event: Sustainability & Smarf Retailing Summit 2019 (20 Jun 2019)

Supporting Event: Sustainability & Smart Retailing Summit 2019 Date: 20th June 2019...

(ISC)² CCSP Clinic at Cloud Expo Asia 2019 (22 May 2019)

(ISC)² CCSP Clinic at Cloud Expo Asia 2019 (22 May 2019)

(ISC)² CCSP Clinic at Cloud Expo Asia 2019 Date: 22 May 2019 (Wed)Time: 15:00 - 16:10   Venue:...

  • PISA Security JAM 2019 x CSA (25 May 2019)

    PISA Security JAM 2019 x CSA (25 May 2019)

  • Supporting Event: Sustainability & Smarf Retailing Summit 2019 (20 Jun 2019)

    Supporting Event: Sustainability & Smarf Retailing Summit 2019 (20 Jun 2019)

  • (ISC)² CCSP Clinic at Cloud Expo Asia 2019 (22 May 2019)

    (ISC)² CCSP Clinic at Cloud Expo Asia 2019 (22 May 2019)

Ethical Hacking Workshop - Deep dive of Exploit Writing

Date : Feb 20, 2016

Time : 10am-5pm (one hour lunch time included) 

Venue : Room ADC301, HKU SPACE Admiralty Learning Centre

Language : Mandarin

Registration : http://goo.gl/pwomCM (PISA member only)

** Equipment : You should bring your notebook with VM player installed and you should have a full administrative privilege login to perform the exercise in the workshop

Speaker : Orange Tsai, Security Consultant of DEVCORE, member of CHROOT/HITCON, Speaker of HITCON/AVTokyo/WooYun, DEFCON CTF Runner-up, discovered vulnerabilities and reported to Microsoft, Django, Yahoo, Facebook and Google. Orange is specialize in hacking methodology, web security and penetration testing 

 

Topic : Deep dive of Exploit Writing

Exploit Writing Introduction and Prerequisite

- Assembly

- Binary Execution

- ccl (C compiler)

- ld (linker)

- Simple ELF (Executable and Linkable Format) Structure

- Calling Convention

- Call Stack

- Static/Dynamic Analysis & Tools

- Memory Based Attack

Hands on workshop

- How to writing Exploit 

- introduction of different kind of Attack

-- Stack Buffer Overflow

-- Format String (optional)

-- Shellcode Writing

-- Defense

-- Stack Canary

-- DEP

-- ASLR

-- PIE

- Bypass

-- ROP

-- Ret2lib

-- DynELF leak libc base

 

Six CPE can be claimed for the (ISC2) Credential Holder.

For any questions, please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it.