Foundational Reconnaissance Scanning and Enumeration Privilege Escalation Defense Evasion Attacking Services Attacking Active Directory Toolkit

Pentesting Foundational Reconnaissance Scanning and Enumeration Privilege Escalation Defense Evasion Attacking Services Attacking Active Directory Toolkit

📝Home
⚒️PENTESTING
👽MALWARE ANALYSIS
🏹THREAT HUNTING
- Foundational
  - ATT&CK Framework
  - CIA Triad
- APTs
🐍PROGRAMMING & SCRIPTING
🕵️DIGITAL FORENSICS
- Anti-Forensic Techniques
- 🪟Windows Security Internals
  - Windows Security Internals
    Kernel
    Security Reference Monitor (SRM)
    Object Manager
    System Calls
    NTSTATUS Codes
    Object Handles
    Query and Set Information System Calls
    The I/O Manager & The Process and Thread Manager
    The Memory Manager
    The Configuration Manager
💼GRC (CISSP Notes)
📦Networking
- Foundational
- Wireless Technologies

Powered by GitBook

On this page

⚒️PENTESTING

Foundational

Buffer Overflows

PreviousSession Hijacking NextFinding the Offset

Last updated 11 months ago

Buffer Overflows occur when the buffer space gets filled up and spills over to the EBP (Extended Base Pointer) and EIP (Extended Instruction Pointer)/ Return Address
When this spill over occurs malicious code can be injected and executed

Steps to Conduct a Buffer Overflow

Spiking - method used to find vulnerable areas of a program
Fuzzing - sending characters at a program to try to break it
Finding the Offset - finding at which point the program broke
Overwriting the EIP - using the offset to overwriting the pointer address
Finding Bad Characters
Finding the Right Module
Generating Shellcode
Root