Ethical Hacking Blog
In this blog post, I summarise my experience taking the Offsec Exploit Developer (OSED) course, including required knowledge, the exam, and my personal highlights. Overview The EXP-301 course, aka "Windows User Mode Exploit Development" (WUMED) is the last of Offsec’s revamped Offensive Security Certified Expert (OSCE3) courses, and was released to refresh the low level…
In this blog post, we will be covering an implementation of a custom crypter using AES encryption. This post follows on in our blog series created for the SLAE32 certification course provided by Pentester Academy. Overview A crypter is a piece of code which can be used to encrypt a file, executable or shellcode buffer.…
In this blog post, we will be covering the concept of polymorphism, and how it can be used to modify shellcode to bypass antivirus signature detection. This post follows on in our blog series created for the SLAE32 certification course provided by Pentester Academy. Overview Antivirus solutions tend to rely on two main detection mechanisms…
In this blog post, we will be covering our process behind reverse engineering and understanding popular shellcode payloads maintained in the payload module of the Metasploit project, MSFvenom. As this blog series is based on x86 Linux, this post will focus on payloads supporting this architecture and platform. This post is the fifth entry in…
In this blog post, we cover how to implement a custom shellcode encoder for x86 Linux in assembly. This post follows on in the series of posts created for the SLAE32 certification course provided by Pentester Academy. Overview To prevent a shellcode payload from being fingerprinted by AV solutions, it is necessary to obfuscate its…
In this blog post, we will be covering our process behind understanding and implementing egg hunter shellcode for x86 Linux in assembly. This post follows on in the series of posts created for the SLAE32 certification course provided by Pentester Academy. Overview During exploit development, one of the key contraints separating a successful exploit from…
In this blog post, we will be covering the process behind writing and analysing an x86 TCP reverse shell for Linux in assembly. This post follows on in the series of posts created for the SLAE32 certification course provided by Pentester Academy. Overview The code for the TCP reverse shell will consist of the following…
In this blog post, we will be covering the process behind writing and analysing an x86 TCP bind shell for Linux in assembly. This post will be the first in a series of posts created for the SLAE32 certification course provided by Pentester Academy. Overview The code for the TCP bind shell will consist of…