navigation

Welcome to exploit.education

exploit.education provides a variety of resources that can be used to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cyber security issues.

Virtual machines available

Nebula

Nebula covers a variety of simple and intermediate challenges that cover Linux privilege escalation, common scripting language issues, and file system race conditions.

Nebula is an ideal place to get started for people new to Linux exploitation.

Phoenix

Phoenix introduces basic memory corruption issues such as buffer overflows, format strings and heap exploitation under “old-style” Linux system that does not have any form of modern exploit mitigation systems enabled. It has both 32 bit and 64 bit levels available, for both X86 and ARM systems.

Phoenix is the next progression from Nebula.

Fusion

Fusion continues the memory corruption, format strings and heap exploitation but this time focusing on more advanced scenarios and modern protection systems.

Fusion is the place to start if you are familiar with Linux exploitation and wish to learn more about exploitation prevention systems.

Main Sequence

Main Sequence is the Capture The Flag event from Ruxcon 2012. It provides a variety of challenges such as penetration tool usage, binary analysis, basic cryptographic analysis, client side exploitation, password cracking and general website hacking.

Protostar

Protostar has effectively been replaced by Phoenix - it is kept here for archival reasons. Protostar introduces basic memory corruption issues such as buffer overflows, format strings and heap exploitation under “old-style” Linux system that does not have any form of modern exploit mitigation systems enabled.