Tutorial

Maltego and advanced exploit writing: The PDF tutorial collection

Exploit development is an essential skill for any infosec professional who has to grapple with specific project requirements and pen testing exercises. This is precisely the reason why we put together this comprehensive collection which collates our set of exploit development and Maltego guides.

Our exploit writing tutorials will teach you the works — right from the basics of how to script an exploit using PERL, then port and exploit to Ruby, and all the way to fuzzing as well as shell coding. In addition to exploit writing, our compendium features Maltego, a formidable open source intelligence (OSINT) tool that can be tapped to conduct detailed individual reconnaissance of a potential target.
These guides will also show you how to perform infrastructural reconnaissance using Maltego. So here are all four of our tutorials as free PDF downloads for your offline browsing.

    Requires Free Membership to View

How to develop custom exploits: Part 1 of 2

There are times when an infosec professional has to go beyond the use of readily available exploits, and write a custom script to meet specific requirements. Our first tutorial on exploit development will teach you how to craft custom exploits, as well as look at various aspects of exploit writing and useful techniques.
This exploit writing PDF download will explore different vulnerability discovery classifications, various aspects of fuzzing, and develop practical approaches from available theory.

>>Click here to download the first part of our Exploit writing tutorial in PDF format for free<<

Advanced exploit development DIY: Part 2 of 2

While the first PDF in the exploit development tutorial series focused on how to script basic Perl exploits, this installment will examine how you can write exploits in PERL, and port exploits to Ruby. Get all the background info you need to become a proficient exploit writer in this installment — starting with pointer and memory arrangement to shell coding, defining and connecting to the exploit.

>>Download the second tutorial in this series as an exploit development PDF guide for free<<

Information gathering using Maltego; Part 1

Maltego is an OSINT tool designed for information gathering from different sources — a tool of choice for information gathering, a prime aspect of pen testing. It is powerful in trained hands, and includes options for search engine SMTP queries. This tutorial looks at how you can perform individual reconnaissance on a target using Maltego to acquire as much information about a target prior to the hit.

>>Click here to get the first part of our Maltego tutorial series in PDF format<<

Infrastructural reconnaissance using Maltego; Part 2

Moving beyond the personal reconnaissance activities covered in the first installment of this series, we now look at the use of this tool to gather information about infrastructure. This form of reconnaissance covers aspects such as the autonomous system (AS), DNS names, IPv4 addresses, mail exchange servers (MX), and so on. Join us, as we look at how to garner target details using this multi-faceted tool.

>>Click here to get this Maltego tutorial as a free PDF download<<

This was first published in November 2012