Exploit development on Windows 10

I would like to set up an exploit development environment on Windows 10 x64

  • Immunity Debugger (x86 apps)
  • WinDbg
  • IDA
  • Process Explorer
  • a bunch of vulnerable apps (SecurityFocus, Exploit-DB, etc.)

C/C++ templates for exploitation (if you could lend me some)

  • Saved Return Pointer overwrites
  • Structured Exception Handling
  • Bad Characters
  • Limited buffers
  • Egg hunters
  • Introduction to shellcoding
  • Metasploit modules
  • Unicode buffers (if I can find real-world samples)
  • Bypassing ASLR
  • Bypassing DEP

what else?
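As an added example for the "templates" request above (editorial addition, not code posted by anyone in this thread): a minimal saved-return-pointer-overwrite target together with a Metasploit-style cyclic pattern generator and offset finder, in portable C. The function names (vulnerable_copy, pattern_create, pattern_offset), the 64-byte buffer size and the compiler flags mentioned in the comments are my assumptions; the pattern scheme follows pattern_create.rb (upper letter, lower letter, digit), so a debugger's EIP value can be mapped back to the offset in the input that overwrote the saved return pointer.

```c
/* Added example, not from the original thread. Two pieces of a self-made
 * exploit-dev sandbox:
 *  (1) a deliberately vulnerable target for practising saved return pointer
 *      overwrites. Build it with stack cookies off so the overflow reaches
 *      the saved return address: /GS- on MSVC, -fno-stack-protector on gcc/clang
 *      (assumed flags; MSVC also warns about strcpy, which is the point here);
 *  (2) a cyclic pattern generator and offset finder in the Metasploit
 *      pattern_create.rb / pattern_offset.rb scheme, used to learn at which
 *      offset of the input the saved return pointer gets overwritten. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

#define BUF_SIZE 64   /* assumed target buffer size */

/* Deliberately vulnerable: strcpy() into a fixed stack buffer with no length
 * check. Input longer than BUF_SIZE plus the saved frame pointer reaches the
 * saved return address. Only feed it oversized input under a debugger. */
void vulnerable_copy(const char *input)
{
    char buf[BUF_SIZE];
    strcpy(buf, input);                    /* the bug: unbounded copy */
    printf("copied %zu bytes\n", strlen(buf));
}

/* Cyclic pattern: upper letter, lower letter, digit. Every 3-byte aligned
 * triple is unique for the first 26*26*10*3 = 20280 bytes.
 * Caller frees the result. */
char *pattern_create(size_t len)
{
    char *out = malloc(len + 1);
    if (!out) return NULL;
    size_t i = 0;
    for (char u = 'A'; u <= 'Z' && i < len; u++)
        for (char l = 'a'; l <= 'z' && i < len; l++)
            for (char d = '0'; d <= '9' && i < len; d++) {
                char triple[3] = { u, l, d };
                for (int k = 0; k < 3 && i < len; k++)
                    out[i++] = triple[k];
            }
    out[i] = '\0';
    return out;
}

/* Given the 32-bit value the debugger shows in EIP after the crash, return the
 * offset of those 4 bytes inside a pattern of pattern_len bytes, or -1 if not
 * found. The register value is decoded little-endian, as x86 stores it. */
long pattern_offset(uint32_t eip_value, size_t pattern_len)
{
    char needle[5];
    needle[0] = (char)(eip_value & 0xff);
    needle[1] = (char)((eip_value >> 8) & 0xff);
    needle[2] = (char)((eip_value >> 16) & 0xff);
    needle[3] = (char)((eip_value >> 24) & 0xff);
    needle[4] = '\0';

    char *pat = pattern_create(pattern_len);
    if (!pat) return -1;
    const char *hit = strstr(pat, needle);
    long off = hit ? (long)(hit - pat) : -1;
    free(pat);
    return off;
}

int main(int argc, char **argv)
{
    /* Usage: pattern [length]  -> prints the pattern to feed to the target */
    size_t len = (argc > 1) ? (size_t)strtoul(argv[1], NULL, 10) : 200;
    char *pat = pattern_create(len);
    if (!pat) return 1;
    puts(pat);
    /* After the crash, map EIP back to an offset. 0x37614136 is the bytes
     * "6Aa7" little-endian, which sit at offset 20 of the pattern. */
    printf("offset of EIP=0x37614136: %ld\n", pattern_offset(0x37614136, len));
    free(pat);
    return 0;
}
```

Usage: run the generator to get a pattern, pass it to the target (for example a build that calls vulnerable_copy(argv[1])) under Immunity Debugger or WinDbg, read the EIP value from the access violation, then call pattern_offset with that value to get the distance from the start of the buffer to the saved return pointer. The same two helpers serve the SEH case: the value that lands in the handler pointer is looked up the same way.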

If you’re looking for things to practice or do, I’d really recommend you go through Corelan’s exploit writing tutorial/series or something like it instead of trying to do everything in your own self-made sandbox. There will be gotchas that you won’t know how to deal with unless you go through a tutorial that can warn you about them and help you avoid them.

I did the Corelan tutorials along with the fuzzy one, except browser & kernel exploitation because I need some more free time to practice, but I would like to host my own self-made sandbox… how can I set it up for Windows 10 instead of Windows XP or 7?

Get a Windows Internals book? I personally don’t know what the differences are on a very low level, but if you’ve gone through all the Corelan stuff and you’re not doing kernel hacking then it should be more or less the same across the board.

Do I need kernel exploitation for browsers?

Not unless you want to get into the kernel from a browser. If you’re exploiting the browser, then you’re probably exploiting its JS core.

If I want to exploit IE, Edge, Chrome, Safari and do a sandbox bypass, do I need the kernel, or do I still need the JS core / WebKit?

Exploiting a browser and escaping their respective sandboxes has nothing to do with the kernel… The kernel sits several layers below a web browser; it has no concept of what a web browser is.

This is not to say that you couldn’t cause effects that impact the way a browser behaves from the kernel; I’m just saying you don’t need to know kernel exploitation/kernel development to successfully exploit popular browsers.

Thanks for your answer.
