Linux Heap Exploitation - Part 1

share ›
‹ links

Below are the top discussions from Reddit that mention this online Udemy course.

Learn hands-on GLIBC heap exploitation with HeapLAB

Reddemy may receive an affiliate commission if you enroll in a paid course after using these buttons to visit Udemy. Thank you for using these buttons to support Reddemy.

Taught by
Max Kamper

Reddit Posts and Comments

0 posts • 2 mentions • top 2 shown below

r/ExploitDev • comment
4 points • Bowserjklol

>I know about a good amount of techniques like and bypasses but I am slacking on the finding the bug part.

This suggests to me that you're actually looking for RE/VR courses not exploit dev training.

The difference here being in the former (simply and overly-generalized) is focused on tools, techniques and processes for understanding a program and identifying a path to some desired outcome. The latter, again overly-simplified, is all about tools, techniques and processes for constructing and navigating weird machines to achieve that outcome.

This glibc heap exploitation course is focused solely on the exploit development techniques. Conversely, this C Code Review course is all about finding the bug. Your post suggests you're looking for the InfoSect code review course.

r/ExploitDev • comment

The classic one to recommend is shellphish's How2Heap

Covers a lot of different techniques.

Guyinatuxedo's Nightmare includes a heap section for some challenges to practice with.

Introduction to GLIBC Heap Exploitation is a really solid presentation from Max Kamper(created Ropemporium). Only covers two techniques though, house of force and Fastbin Dup. . He does have a longer course on heap exploitation, but I'm not sure when he will run it again, and it was quite expensive ($4200, though the 44con training was only $1500 I think so maybe when cons are back in-person it'll be more affordable.

Half the course is available on Udemy though and combined with Udemy's freuqent coupons and sales, you can get it for pretty cheap (I grabbed it for like $13) Even though its just half the course, I think its still worth the price, he is an excellent instructor and provides practice binaries.