877.791.9571 |

About the Author:

Stephen Bradshaw is security researcher for InfoSec Institute and an IT Security Specialist in Australia, with a focus on the areas of penetration testing and incident detection and response.

Restricted Character Set Vulnserver Exploit Tutorial

This tutorial will cover the process of writing a buffer overflow exploit for a known vulnerability in the Vulnserver application. This is the sixth article in the Vulnserver series.

Vulnserver […]

Egghunter Exploitation Tutorial

This tutorial will cover the process of writing a buffer overflow exploit for a known vulnerability in the Vulnserver application. This is the fifth article in the Vulnserver series.

Vulnserver […]

SEH Based Overflow Exploit Tutorial

Introduction
This tutorial will cover the process of writing an SEH based buffer overflow exploit for a known vulnerability in the Vulnserver application.

Vulnserver is a Windows server application that deliberately […]

Stack Based Buffer Overflow Tutorial, part 3 – Adding shellcode

This is the third article in a series of three on stack based buffer overflow. Before you read further, you will want to read the first and second articles.

At […]

Stack Based Buffer Overflow Tutorial, part 2 – Exploiting the stack overflow

This is the second article in a series of three on stack based buffer overflow. Before you read further, you will want to read the first article.

In that article […]

Stack Based Buffer Overflow Tutorial, part 1 – Introduction

Introduction

This tutorial, in three parts, will cover the process of writing a simple stack based buffer overflow exploit based on a known vulnerability in the Vulnserver application.

Vulnserver is a […]

OllyDbg Tricks for Exploit Development

This is the second article in a series about using the OllyDbg, a 32 bit assembler level analyzing user mode debugger for Windows.

In part one of this tutorial we […]

Debugging Fundamentals for Exploit Development

,

Introduction

This is a basic exploit writers tutorial for OllyDbg, a 32 bit assembler level analyzing user mode debugger for Windows. Version 1.10 of OllyDbg is used, but the majority […]

Fuzzer Automation with SPIKE

This is continued from the previously posted Introduction to Fuzzing article.

Automating the SPIKE Fuzzing of Vulnserver

What we need is a way to send multiple SPIKES, one after the other, […]

An Introduction to Fuzzing: Using fuzzers (SPIKE) to find vulnerabilities

This article discusses the process of fuzzing an application to find exploitable bugs. Vulnserver, a TCP server application deliberately written by Stephen Bradshaw to contain security vulnerabilities, will be […]