Client-side attacks are often the easiest method of getting into a secured environment. We understand that, through the clever use of different attack vectors, an attacker is able to take advantage of the inexperience or kindness of our users in order to gain access to client-side computers. Developers are often unable to check for every possible flaw in their programs in the timeframes they are allotted, and as such, many of these vulnerabilities remain undiscovered by the quality assurance teams and developers.
In this chapter, we had a chance to not only learn about buffer overflow vulnerabilities in both 32 and 64-bit code, but also actually create our own vulnerable applications. We then took advantage of this vulnerability using manual techniques as well as automated fuzzing tools such as sfuzz and BED. You learned how to create your own modules and also how to modify existing modules to fit our specific needs.
In addition, we discussed Social Engineering Toolkit, Fast-Track...