Skip to main content

Posts

SLAE/SLAE64 Course Review

After recently finishing both the SLAE (http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/index.html) and SLAE64 (http://www.securitytube-training.com/online-courses/x8664-assembly-and-shellcoding-on-linux/index.html) courses available through SecurityTube Training, and earning both certifications, I thought I would write a review of the training itself. Personally, I chose these course as a way to learn Assembly in preparation for the Crack The Perimeter (CTP) course and OSCE certification. After taking the Pentesting With Kali (PWK) class and earning the OSCP, I knew I needed to fill some gaps in my knowledge, and specifically with C and Assembly programming. Seeing that there aren't many training offerings that aim to teach Assembly specific to penetration testing and shellcoding, I gave SLAE a try.

  If you don't care about the certification itself, you can obtain all of SecurityTube's videos for a small monthly fee through Pentes…
Recent posts

SLAE64 - Assignment 7

This post is a continuation of a seven (7) part blog series as part of the SLAE64 certification challenge. You can read the previous blog posts using the links below.

Previous Posts:
SLAE64 - Assignment 1SLAE64 - Assignment 2SLAE64 - Assignment 3SLAE64 - Assignment 4SLAE64 - Assignment 5SLAE64 - Assignment 6
The requirements for Assignment 7 are as follows:
Create a custom crypter like the one shown in the "crypters" videoFree to use any existing encryption schemaCan use any programming language

SLAE64 - Assignment 6

This post is a continuation of a seven (7) part blog series as part of the SLAE64 certification challenge. You can read the previous blog posts using the links below.

Previous Posts:
SLAE64 - Assignment 1SLAE64 - Assignment 2SLAE64 - Assignment 3SLAE64 - Assignment 4SLAE64 - Assignment 5
The requirements for Assignment 6 are as follows:
Take up 3 shellcodes from shell-storm and create polymorphic versions of them to beat pattern matchingThe polymorphic versions cannot be larger 150% of the existing shellcodeBonus points for making it shorter in length than original

SLAE64 - Assignment 5

This post is a continuation of a seven (7) part blog series as part of the SLAE64 certification challenge. You can read the previous blog posts using the links below.

Previous Posts:
SLAE64 - Assignment 1SLAE64 - Assignment 2SLAE64 - Assignment 3SLAE64 - Assignment 4
The requirements for Assignment 5 are as follows:
Take up at least 3 shellcode samples created using MSFPayload for linux/x86_64Use GDB to dissect the functionality of shellcodeDocument your analysis

SLAE64 - Assignment 4

This post is a continuation of a seven (7) part blog series as part of the SLAE64 certification challenge. You can read the previous blog posts using the links below.

Previous Posts:
SLAE64 - Assignment 1SLAE64 - Assignment 2SLAE64 - Assignment 3
The requirements for Assignment 4 are as follows:
Create a Custom encoding scheme like the "Insertion Encoder" we showed youPoC with using execve-stack as the shellcode to encode with your schema and executeThe full scripts for this assignment can be found here: https://github.com/blu3gl0w13/SLAE64/tree/master/assignment-4.

Supplemental scripts for this assignment can be found here: https://github.com/blu3gl0w13/SLAE64/tree/master/scripts.

SLAE64 - Assignment 3

This post is a continuation of a seven (7) part series for the SLAE64 certification challenge. You can read the first two (2) posts by using the links below.

Previous Posts:

SLAE64 - Assignment 1SLAE64 - Assignment 2
This was a good assignment. Like the SLAE32, I had to create an egg hunter. Here are this assignment's requirements:

Study Egg Hunter shellcodeCreate working demo of Egg HunterShould be configurable for different payloads

SLAE64 - Assignment 2

This is the second blog in the SLAE64 series as part of the certification challenge. If you want to read the previous post first, I provided a link below.

Previous Posts:
SLAE64 - Assignment 1
For this assignment, we had the following requirements:
Create a Shell_Reverse_TCP ShellcodeReverse connects to configured IP and PortNeeds a "Passcode"If Passcode is correct then Execs ShellRemove 0x00 from the Reverse TCP Shellcode discussed