HOPE Eleven: Exploit Development

Proposed Workshop


Unexpected input often causes programs to crash. Exploit development is the process of converting such crashes into Remote Code Execution exploits, giving the attacker control of the server. This process can be very simple (code injection) or more complex (injecting binary code).

In this workshop, participants will take over a series of real servers, using these techniques:


This workshop helps particpants move beyond using attacks others have developed to understanding how programs work at the binary level and how to exploit their weaknesses. With these techniques, you can find new vulnerabilities and write proof-of-concept attack code to compete in cybercompetitions or earn bug bounties.

Techical Requirements

Participants need a computer with Kali Linux running, either in a virtual machine or locally. Familiarity with C, Python, and assembly code is helpful but not required.

The venue needs to provide Internet access and desks or tables for the participants to use. I will bring a few loaner computers for people who need them.

Posted 2-3-16 by Sam Bowne