SecurityTube Linux Assembly Expert Certification

A couple of months back I signed up for the SecurityTube Linux Assembly Expert certification or ‘SLAE’. I’ve thoroughly enjoyed working through the course and overall its a very good introduction to x86 32-bit Assembly programming focusing on how it can be used to write shellcode, encoders, decoders and crypters. I’ve already signed up for their PowerShell for Pentesters certification and will probably also sign up for the Python for Pentesters and Hackers at some point in the future once I’ve completed the Powershell course and a couple of other certifications and training I already have on my to do list.

The certification exam requires the student complete 7 assignments listed below. As I work through the assignments I’ll update the headings below to include links to each assignment.

Assignment 1: Create a shell_Bind_TCP shellcode

  • Binds to a port
  • Execs Shell on incoming connection
  • The TCP port number should be easily configurable

Assignment 2: Create a Shell_Reverse_TCP shellcode

  • Reverse connects to configured IP and Port
  • Execs shell on successful connection
  • The IP and TCP port should be easily configurable

Assignment 3: Study about the Egg Hunter shellcode

  • Create a working demo of the Egghunter
  • Should be configurable for different payloads

Assignment 4: Create a custom encoding scheme like the “Insertion Encoder”

  • PoC with using execve-stack as the shellcode to encode with your schema and execute

Assignment 5: Analyse at least 3 shellcode samples created using Msfpayload for linux/x86

Assignment 6: Take up 3 shellcodes from Shell-Storm and create polymorphic versions of them to beat pattern matching

Assignment 7: Create a custom crypter

  • Free to use any existing encryption schema
  • Can use any programming language

As can be seen the exam is entirely practical. The practical nature of the certification exam is one of the aspects that I really liked about the certification.

The source code for each of the assignments can be found on github:

This entry was posted in SLAE and tagged , , . Bookmark the permalink.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s