Module: Assembly Internals and Shellcoding This module is dedicated to providing attendees with a strong understanding of the Arm instruction set, based on the Armv8-A architecture. Participants will learn how to perform static and dynamic analysis of compiled programs. Through hands-on labs, students will reverse engineer binaries, write shellcode, and exploit memory corruption vulnerabilities.
Module: Exploit Development for Firmware N-Days, Advanced ROP Techniques This module focuses on practical exploitation of two real-world router firmware targets. Students will learn the process of building and debugging memory-corruption exploits from scratch. They will also develop advanced null-free mprotect() ROP chains to bypass the XN exploit mitigation, avoiding noisy techniques like ret2libc through the system() API. Debugging and analyzing real-world processes will teach students how to overcome common obstacles and handle process forks.
Module: Advanced Heap Exploit Engineering (A32) This module provides an in-depth study of exploit categories and techniques for improving exploit reliability. Students will focus on the heap-overflow vulnerability category, engaging in exercises that cover advanced heap exploitation techniques. They will apply these skills to develop a fully functional exploit that bypasses all available exploit mitigations on the target. Concepts taught include heap grooming, creating relative and arbitrary read primitives, and constructing fake vtables.
This course outline represents the A64 version, focusing specifically on the A64 instruction set architecture. The modules included in this version are tailored to provide in-depth knowledge and exploitation techniques relevant to the A64 architecture. We also provide the flexibility to combine modules from both instruction sets to create a comprehensive course that covers a wide range of exploitation and reverse engineering topics. This enables attendees to gain a holistic understanding of both Arm instruction sets and their specific differences.
Whether you choose the A64-specific modules, the A32-specific modules, or a combination of both, our aim is to provide a customized learning experience that meets your specific requirements and objectives. Our courses offer the flexibility to be tailored according to your specific needs in terms of duration and topics covered. Whether you require a condensed version or an in-depth exploration, we can customize the course to align with your goals.
Please note that the pricing of the course will vary based on its length and the number of students enrolled. We offer discounts for booking multiple course sessions and for larger class sizes exceeding 10 participants. This ensures that you not only receive a personalized learning experience but also benefit from cost savings when organizing training for a larger group. Contact us to discuss your preferences and receive a customized proposal that fits your specific requirements.
Learn Arm Assembly
Learn the internals of the A32 instruction set.
Analyze Vulnerabilities
Dissect and exploit memory corruption vulnerabilities.
Write Exploits
Develop and debug memory corruption exploits.
Bypass Exploit Mitigations
Learn how to bypass common exploit mitigations.
Compromise the Device
Write exploits and hack real-world router firmware.
Tired of simple buffer overflow challenges? Waste no time and get your hands on real targets. This course takes attendees from the basics of Arm assembly to debugging vulnerabilities in real router firmware. By the end of this course attendees will have written N-day exploits and bypassed on-device exploit mitigations.
Who wants to stare at boring text slides for days? Nobody. Azeria Labs courses are designed to improve the learning experience by addressing different learning styles. Packed with aesthetically pleasing visual explanations of complex technical concepts, the course material helps ensure attendees understand and retain more knowledge and learn faster.
To keep participants engaged and on track, attendees will receive a physical workbook to guide them through each lab. This comprehensive training workbook is designed to take attendees step-by-step through every concept taught in class, reinforcing learning and making sure no step is overlooked.
Lose no time on complicated installations, managing dependencies, or troubleshooting configuration problems on software before class. Attendees get pre-configured and ready-to-use lab environments with all necessary tools, scripts, exploit templates, and emulations, in form of a VM or cloud access.
For detailed course outlines and price quotes, email contact [at] azeria-labs.com from your company email account. Please note that our private training sessions are available to corporations and government organizations with minimum class sizes of 10 people.