Pentesteracademy.com x86 Assembly Language and Shellcoding on Linux Course Review

Most people interested in information security have likely visited SecurityTube.net before but for those who haven’t it’s a great aggregator for videos of tutorials, demonstrations and conferences. The site’s owner Vivek Ramachandran has produced a ton of free content and a few paid courses. Late last year he transitioned all of his premium courses to a new site at pentesteracademy.com where you can access all of his courses for a monthly $39 fee.

I recently finished going through his “x86 Assembly Language and Shellcoding on Linux” course and wanted to share my thoughts on it. Before watching his videos I knew almost nothing about Assembly language or shellcode but I did know that I needed to have a good understanding of both in order to be any good at reverse engineering and exploit development.

The first seven or so videos cover a lot of system architecture and explain what the different registers are and how they’re used. This is a very tricky section because he’s explaining things that you’ll need to know for the rest of the course but they’re hard to visualize since he hasn’t started the demonstrations yet. I never felt lost during his explanations but once the demonstrations started in videos eight and nine you start applying the information from the first section of slides and it all falls into place.

Videos 8 through 21 walk the student through assembly language concepts like understanding and using the stack, loops, math, strings etc. At the end of those videos I wouldn’t say I was “good” at assembly language but I was at least getting comfortable with it. Before I started I would have looked at assembly language and had no clue what I was looking at. Now I can look at it and while I may not understand what the code is accomplishing I understand each of the little pieces and what they’re doing. Now when I look at the reverse engineering book I’m getting ready to read I don’t feel like I’m reading Klingon.

There is plenty of assembly in videos 22 through 37 but the main focus is on shellcode. Vivek explains what shellcode is, what changes you need to make in your assembly in order for your shellcode to work and writes some hello world shellcode using different techniques like JMP-CALL-POP. Once again I didn’t feel like an expert but I sure understand a lot more. Vivek then covers InfoSec specific content like encoders (both using others and making your own) and polymorphism. The series ends with a look at analyzing other’s shellcode and writing custom crypters.

I’ve gone through several of Vivek’s other videos but this is the first time I’ve gone through one of his courses start to finish. The course is exactly what I needed and I’ve already recommended to a friend who is working on learning reverse engineering but would like a better understanding of assembly. If you’re like me and hitting a point in your InfoSec studies where you realize that you need to understand some of the low level material in order to learn advanced topics this is a great resource. He really does start from square one so no prior knowledge is expected.

One of the reasons I initially signed up for pentesteracademy.com was that I was a big fan of Vivek’s word on securitytube and wanted to support his efforts. I also seem to learn a lot better from video explanations and demonstrations that I do from books. I paid $99 for the first month and $39 a month after that but he occasionally runs specials where the first month is $39. He’s been adding a lot of new content to ongoing courses and coming up with new courses so I don’t think it’s possible to go through everything unless watching videos is your full time job. I think his web app hacking course alone is up to almost 70 videos and still going.

While I was in the arsenal room at Blackhat last month I looked over and saw Vivek checking things out. I went over to him and introduced myself, thanked him for everything he taught me and had a nice conversation with him. He was incredibly friendly, gracious and humble and thanked me for my support. I saw him again at Defcon and he approached me, said “Hi Matt” and asked how I was enjoying the conference. He is a genuinely nice guy.

Even with no bonus points for being a nice guy his site is an amazing training value. He has several free videos in each series so you can get a feel for his teaching style. He just started a free “Make Your Own Hacker Gadget” series that I’m going to follow along with.

If you like video instructionals and have things like “Learn assembly”, “Learn to write exploits” and “Improve my Python” on your to-do list then pentesteracademy.com is well worth your time to check out.

On a completely unrelated topic, I had an absolute blast at Blackhat and Defcon and have already reserved a room at the Defcon site for next year. I did a write up on my experiences as a first timer which should appear on ethicalhacker.net soon. I also grabbed several signed books there which I had already purchased copies of so I’ll probably do a giveaway here for my unsigned copies of those once the article hits.

Comments

Post a Comment

Popular posts from this blog

SANS Index How To Guide with Pictures

Image
I got some great advice recently on creating an index for SANS exams and I wanted to write a blog post to share it with others. I took the SANS FOR 508 Computer Forensics course in 2008. It was way over my head but I had a great time and learned a ton. A few months ago I finally decided to go for my GCFA certification. I had four year old material from a course that had been completely revamped and no index. I passed the exam with a score in the 80s but it was a grueling experience. I had to rush on the last part of the exam and never felt comfortable. A few months after my GCFA exam I got an opportunity to attend a SANS SEC 504 class. I really wanted to prepare for my GCIH exam the right way so while I was at the conference I asked several individuals how they prepared their index. Most people told me that their indexes were 8-10 pages. A lot of these people had more SANS certs than I have friends so their methods obviously worked for them. My class had a teaching assistant (also SANS
Read more

Introducing FaviconLocator: The Eazy Button to Searching by Favicon

Image
  Favicons (short for favorite icons) are the cute little pixelated images that appear next to the site name in web browser tabs, bookmarks, etc. In the image below we can see the iconic GitHub logo on their site and the KFC logo on a bucket of chicken on their site. Originally, favicons were designed to add a touch of professionalism and branding, but for anyone who is like me and has over a dozen tabs open at any time, favicons are the only thing displayed and how I navigate tabs. Most of us rely on favicons on a daily basis but many never think of them as a tool we can use in OSINT and CTI investigations. That’s what we’re doing to talk about here as well as introduce a new tool. In addition to branding and aiding in navigation between tabs, favicons can serve as unique identifiers for websites. These unique identifiers can help us: Trace the online presence of organizations and discover obscure digital assets Map the online infrastructure of potential threats Potentially de-ano
Read more

Automating Domain Squatting Detection with DNSTwist and Python

Image
  There’s a good chance that, at some point, you’ve received a spam email with a link that looked close to the name of a popular domain but was just a little off. Payapl.com instead of Paypal.com or similar. Domain squatting is a malicious activity where attackers register domain names similar to legitimate ones. Attackers may use these domains to deceive users into believing they are visiting a legitimate website, which can lead to phishing and other attacks. DNSTwist (available here: https://github.com/elceef/dnstwist ) is a popular tool that helps identify domain names that are similar to a given domain name. It generates a list of potential domain names by applying various fuzzing techniques to the given domain name and then checks if these domains are registered. Check out the list of Bank Of America copycat domains: DNSTwist is an amazing tool that should likely be a part of every organization's Cyber Threat Intelligence monitoring efforts, and I wanted to automate it
Read more