| Description |
1 online resource (209 pages) : illustrations |
| Contents |
Cover -- Title Page -- Copyright and credits -- Contributors -- About the reviewers -- Table of Contents -- Preface -- Section 1: Shellcode -- Chapter 1: The Ins and Outs of Shellcode -- What is shellcode? -- Examples of shellcode -- Shellcode versus a payload -- Breaking down shellcode -- Exploring the common types of shellcode -- Local shellcode -- Remote shellcode -- Summary -- Further reading -- Chapter 2: Assembly Language -- Technical requirements -- Demystifying assembly language -- Types of assembly language -- Identifying the elements of assembly language -- Registers and flags |
|
Data movement instructions -- Arithmetic instructions -- Conditional instructions -- Summary -- Further reading -- Chapter 3: Shellcode Tools and Resources -- Technical requirements -- Interpreters, compilers, and assemblers -- Interpreters -- Compilers -- Interpreters versus compilers -- Assemblers -- Tools and resources for developing shellcode -- Netwide Assembler (NASM) -- Microsoft Assembler (MASM) -- Visual Studio -- GNU Compiler -- IDA Pro -- x64dbg -- Shellcode creation tools -- Online shellcode resources -- Summary -- Section 2: Writing Shellcode |
|
Chapter 4: Developing Shellcode for Windows -- Technical requirements -- Environment setup -- Installing Mona -- Anatomy of memory -- Shellcode techniques -- Buffer overflow attacks -- Backdooring PE files with shellcode -- Egg hunter -- Summary -- Further reading -- Chapter 5: Developing Shellcode for Linux -- Technical requirements -- Environment setup -- Executable and Linking Format (ELF) fundamentals -- Shellcode techniques -- Basic Linux shellcode -- Egg hunter shellcode -- Reverse TCP shellcode -- Writing shellcode for x64 -- Format string vulnerabilities -- Summary -- Further reading |
|
Section 3: Countermeasures and Bypasses -- Chapter 6: Countermeasures and Bypasses -- Technical requirements -- Countermeasures and bypasses for Windows -- Address space layout randomization -- Data execution prevention -- Stack cookies -- Structured exception handling -- Countermeasures and bypasses for Linux -- NoExecute -- Address space layout randomization -- Relocation read only -- Summary -- Further reading -- Index -- Other Books You May Enjoy |
| Summary |
Gain practical knowledge of shellcode and leverage it to develop shellcode for Windows and Linux operating systems, while understanding the countermeasures in place and how these can be bypassed Key Features Get up and running with shellcode fundamentals Develop Shellcode for Windows and Linux Understand the building blocks of shellcode Book Description Shellcoding is a technique that is executed by many red teams and used in penetration testing and real-world attacks. Books on shellcode can be complex, and writing shellcode is perceived as a kind of "dark art." Offensive Shellcode from Scratch will help you to build a strong foundation of shellcode knowledge and enable you to use it with Linux and Windows. This book helps you to explore simple to more complex examples of shellcode that are used by real advanced persistent threat (APT) groups. You'll get to grips with the components of shellcode and understand which tools are used when building shellcode, along with the automated tools that exist to create shellcode payloads. As you advance through the chapters, you'll become well versed in assembly language and its various components, such as registers, flags, and data types. This shellcode book also teaches you about the compilers and decoders that are used when creating shellcode. Finally, the book takes you through various attacks that entail the use of shellcode in both Windows and Linux environments. By the end of this shellcode book, you'll have gained the knowledge needed to understand the workings of shellcode and build your own exploits by using the concepts explored. What you will learn Gain a thorough understanding of shellcode Get to grips with assembly language and its key purpose in shellcode development Identify key elements of memory registers Explore debuggers and their use cases Get up and running with hands-on shellcode creation for both Windows and Linux Exploit Windows and Linux operating systems using shellcode Assess countermeasures of Windows and Linux Who this book is for This book is for red teamers, penetration testers, and anyone looking to learn about shellcode and find out how it is used to break into systems by making use of simple to complex instructions of code in memory. Basic shellcode knowledge is helpful but not mandatory to understand the topics covered in this book |
| Subject |
Computer security.
|
|
Programming languages (Electronic computers)
|
|
Computer Security |
|
Sécurité informatique. |
|
Computer security |
|
Programming languages (Electronic computers) |
| Other Form: |
Print version: Pillay, Rishalin. Offensive Shellcode from Scratch. Birmingham : Packt Publishing, Limited, ©2022 |
| ISBN |
1803232862 |
|
9781803232867 (electronic bk.) |
|
More Resources