PISA Security JAM 2019 x CSA Date: 25-May (Sat)Time: 9:30am - 5:00pmVenue: City University of...
Supporting Event: Sustainability & Smart Retailing Summit 2019 Date: 20th June 2019...
(ISC)² CCSP Clinic at Cloud Expo Asia 2019 Date: 22 May 2019 (Wed)Time: 15:00 - 16:10 Venue:...
Date : Feb 20, 2016
Time : 10am-5pm (one hour lunch time included)
Venue : Room ADC301, HKU SPACE Admiralty Learning Centre
Language : Mandarin
Registration : http://goo.gl/pwomCM (PISA member only)
** Equipment : You should bring your notebook with VM player installed and you should have a full administrative privilege login to perform the exercise in the workshop
Speaker : Orange Tsai, Security Consultant of DEVCORE, member of CHROOT/HITCON, Speaker of HITCON/AVTokyo/WooYun, DEFCON CTF Runner-up, discovered vulnerabilities and reported to Microsoft, Django, Yahoo, Facebook and Google. Orange is specialize in hacking methodology, web security and penetration testing
Topic : Deep dive of Exploit Writing
Exploit Writing Introduction and Prerequisite
- Binary Execution
- ccl (C compiler)
- ld (linker)
- Simple ELF (Executable and Linkable Format) Structure
- Calling Convention
- Call Stack
- Static/Dynamic Analysis & Tools
- Memory Based Attack
Hands on workshop
- How to writing Exploit
- introduction of different kind of Attack
-- Stack Buffer Overflow
-- Format String (optional)
-- Shellcode Writing
-- Stack Canary
-- DynELF leak libc base
Six CPE can be claimed for the (ISC2) Credential Holder.