Joint ICT Christmas Party Date: 14 Dec 2018 (Fri)Time: 5:45-7:00pm (registration starts at...
Modern Endpoint Security Date: 5-Dec 2018 (Wed)Time: 7:15pm - 9:00pmVenue: ADC 203, HKU SPACE...
Building Your Open Source Intelligence Capabilities Date: 7 Nov 2018 (Wed)Time: 09:30 -...
Date : Feb 20, 2016
Time : 10am-5pm (one hour lunch time included)
Venue : Room ADC301, HKU SPACE Admiralty Learning Centre
Language : Mandarin
Registration : http://goo.gl/pwomCM (PISA member only)
** Equipment : You should bring your notebook with VM player installed and you should have a full administrative privilege login to perform the exercise in the workshop
Speaker : Orange Tsai, Security Consultant of DEVCORE, member of CHROOT/HITCON, Speaker of HITCON/AVTokyo/WooYun, DEFCON CTF Runner-up, discovered vulnerabilities and reported to Microsoft, Django, Yahoo, Facebook and Google. Orange is specialize in hacking methodology, web security and penetration testing
Topic : Deep dive of Exploit Writing
Exploit Writing Introduction and Prerequisite
- Binary Execution
- ccl (C compiler)
- ld (linker)
- Simple ELF (Executable and Linkable Format) Structure
- Calling Convention
- Call Stack
- Static/Dynamic Analysis & Tools
- Memory Based Attack
Hands on workshop
- How to writing Exploit
- introduction of different kind of Attack
-- Stack Buffer Overflow
-- Format String (optional)
-- Shellcode Writing
-- Stack Canary
-- DynELF leak libc base
Six CPE can be claimed for the (ISC2) Credential Holder.