Cybersecurity Predictions 2019 and Advanced Technology on Endpoint Protection Webinar Date:...
Asia Pacific CACS Conference 2019 Date: 1 Apr (Conference) / 2-3 Apr (Workshops)Time: 8:30am -...
Certified Cloud Security Professional (CCSP) certification Date: 4-8 March, 2019Time: 9:00am -...
Date : Feb 20, 2016
Time : 10am-5pm (one hour lunch time included)
Venue : Room ADC301, HKU SPACE Admiralty Learning Centre
Language : Mandarin
Registration : http://goo.gl/pwomCM (PISA member only)
** Equipment : You should bring your notebook with VM player installed and you should have a full administrative privilege login to perform the exercise in the workshop
Speaker : Orange Tsai, Security Consultant of DEVCORE, member of CHROOT/HITCON, Speaker of HITCON/AVTokyo/WooYun, DEFCON CTF Runner-up, discovered vulnerabilities and reported to Microsoft, Django, Yahoo, Facebook and Google. Orange is specialize in hacking methodology, web security and penetration testing
Topic : Deep dive of Exploit Writing
Exploit Writing Introduction and Prerequisite
- Binary Execution
- ccl (C compiler)
- ld (linker)
- Simple ELF (Executable and Linkable Format) Structure
- Calling Convention
- Call Stack
- Static/Dynamic Analysis & Tools
- Memory Based Attack
Hands on workshop
- How to writing Exploit
- introduction of different kind of Attack
-- Stack Buffer Overflow
-- Format String (optional)
-- Shellcode Writing
-- Stack Canary
-- DynELF leak libc base
Six CPE can be claimed for the (ISC2) Credential Holder.