Cheating on Windows, Fuzzing and Buffer Overflow: Attack Scenarios and Protection Methods

by CQURE Experts: Adrian Denkiewicz and Artur Wojtkowski

The CyberBytes are virtual trainings developed to provide practical skills required of cybersecurity professionals. Take the CyberByte from world-class cybersecurity pros and stand up to the pace of fast-changing cybersecurity landscape.

 

GET THE ACCESS NOW

BECOME AN IN-DEMAND CYBERSECURITY PROFESSIONAL

 

Cybercriminals are constantly developing more sophisticated ways to hack into systems. According to an April 2021 report, between the third and fourth quarters of 2020 :

  • Microsoft Office malware increased by 199%.
  • Account hijackings are targeted at Office 365 accounts.
  • Exploits targeting new vulnerabilities meanwhile shot up 100% in Q4.
  • Targeted attacks increased 43%.

To protect organisations and people from cybercrime, we have a duty to continuously level up our skills. That’s why we created this advanced cybersecurity training: “Cheating on Windows, Fuzzing and Buffer Overflow: Attack Scenarios and Protection Methods.”

This advanced training is a recorded lesson extracted from our AWSC 2020 edition. In just 2 hours, you’ll learn how to identify buffer-overflow vulnerabilities in Windows applications, exploit remote code execution vulnerability, and use various modern mitigations for vulnerabilities. In short, you will learn how to apply additional mitigations against software attacks in a short time.

We highly recommend this advanced training to cybersecurity specialists, penetration testers, offensive security specialists, and any cybersecurity expert wanting to add to their repertoire of skills and boost their career.

How is this training different?

Short but Intense

Time is precious, that’s why we squeezed the best from the topic into a format designed to feed you with knowledge in short time. Effective solution designed to maximize learning.

Level: Advanced

Going deep and straight to the advanced stuff. Brace yourself as our pace is quite intense. Expect a bit of steam coming out of your ears as we’ll be covering: Buffer Overflow, Fuzzing, Debuggers, and show you an exploitation demo and as well as prevention and an exploit guard.

Cheating on Windows in Practice

The training is extensively hands-on as it has been designed by passionate practitioners and obsessive researchers from CQURE Team.

Only Cool Presenters

We’re bringing you two of our experts – Adrian Denkiewicz and Artur Wojtkowski as teachers and the hosts of the training.

Training Formula

Intense Deep-dive

New format for busy professionals that enables you to skill up in a specific area quickly.

Action Packed

Understand basics of exploit development – you will learn how to use proper toolkit, such as fuzzers, debuggers and scripts for security analysis.

Full Year Access

You’ll get one year of access to all the materials.

Extra Materials

We’ve prepared slides, list of commands and other materials for students to keep.

Exploitation Demo Included

We’re not fluffing around, you’ve been warned.

Training Syllabus

Module 1

Cheating on Windows, Fuzzing and Buffer Overflow:

Attack Scenarios and Protection Methods

 

You will learn how to use exploit development toolkit, in order to identify vulnerabilities in Windows applications. You will learn how to control stack content, registers and program flow in order to exploit remote code execution vulnerability.

We will also cover various modern mitigations for vulnerabilities and some methods on bypassing them.

 

Topics covered:

  1. What is exploit
  2. Buffer Overflow
  3. Fuzzing
  4. Debuggers
  5. Vulnserv
  6. Exploitation demo
  7. Exploitation prevention
  8. Exploit guard

Please note that this training is one of the modules of the Advanced Windows Security Crash Course 2020. And it is recommended for cybersecurity specialists with in-depth experience with Windows 10 and Kali Linux systems.

Your teachers

Adrian Denkiewicz

CYBERSECURITY EXPERT

Adrian Denkiewicz is CQURE’s Expert with over 10 years of experience as a Penetration Tester, Cybersecurity Expert, and Software Developer. Previously, he worked for the financial, e-commerce, and semiconductor industry. Adrian performed dozens of penetration tests and security reviews cooperating with teams from all over the world.

Adrian is a holder of several offensive security certificates, including OSCP, OSCE and CRTE. He participates in bug bounties and looks for critical vulnerabilities in various products, ranging from web to internals of operating systems. Adrian is passionate about learning a bit of everything, but mostly things related to astronomy and rocket science. He has even completed an online rocket science course.

As for more ordinary stuff, he enjoys traveling, good books and playing various board games. 

Artur Wojtkowski

Cybersecurity Specialist

Artur Wojtkowski is CQURE’s Expert with over 13 years of experience gained in many industries, mainly in the telecommunication, banking and insurance sector. He has excellent skills in the area of infrastructure, web and mobile application penetration testing.

During his career, his tasks also included: performing social engineering tests, security code review, performance testing, security management in telecommunication companies, ISO 27001 implementation, administration of SIEM and PKI systems. Member of (ISC)2 and (ISC)2 Poland.

Holder of the certificates: OSCP, OSCE, CISSP.

Who Is It For

Intermediate to Advanced
Windows Security Professionals

If you want to level up in a specific area fast, this training is for you. We promise to challenge your ways of thinking and executing.

Ethical Hackers (Penetration Testers, Offensive Security specialist)

Attendee needs to be fluent in Windows environment. Meaning you are a cybersecurity specialists with in-depth experience with Windows 10 and Kali Linux systems.

Brave Newbies

If you are a newbie bear in mind that the training WILL NOT cover the basics — so it might be a bit challenging for you. The cool thing is that you will be granted lifetime access to the materials so you can learn the topic in your own pace whenever you want.

BENEFITS SUMMARY:

  • Access to 2-hour recorded practical lesson
  • Training materials to download
  • The virtual training covers: Buffer Overflow, Fuzzing, Debuggers, exploitation demo, exploitation prevention, exploit guard
  • One year of access to video recording and training materials for you to keep and get back to whenever needed.

GET COMPLETE ACCESS TO
“Cheating on Windows, Fuzzing and Buffer Overflow: Attack Scenarios and Protection Methods”
FOR ONLY $199

WATCH NOW

×