A Review of Pentester Academy SLAE32 course
Since I finished my “x86 Assembly Language and Shellcoding on Linux”, formerly known as SLAE32, I would like to do a review on the course itself to give you a better idea of whether you should take this course and the certificate exam challenge.
The SLAE32 is one of the courses offered by Pentester Academy, formerly known as Security Tube, and found by Vivek Ramachandran. The course aims to equip you with the foundational knowledge on x86 assembly language, analysis of the shellcode, and create your own shellcode. The course itself is designed around security. It covers several interesting security topics. They are:
- Egg hunters
- Bind and Reverse TCP shellcode analysis
- Metasploit Shellcode analysis
- Shellcode Encryption
- Shellcode Encoder
- Several useful System Calls
- Usage of GDB on shellcode
The first half of the course is the introduction of the x86 assembly language. Vivek did an amazing job to present Assembly language in a way that easy to understand. My favorite part is that Vivek always shows an example of the concept he was talking about. And the code is available to you. This is great because I can follow along with the example code and it really gives me a better understanding of the in and out of the assembly code. The second half of the course leads you to deeper topics in a security context. They are the most fun part of the entire course and I really enjoyed learning how to analyze third-party shellcode, write my own shellcode, and even encode and encrypt them. The GDB part of the course is a bonus section and one trick I learned from Vivek is the “define hook-stop”, which makes the debugging process a lot easier and faster. I highly recommend you look at the GDB bonus section before jumping into the course, it will benefit you throughout the entire course.
The course comes with a certification exam that is unique exists out there. The exam process is to finish seven different tasks varying in difficulty that Vivek designed for you and publish your work on your personal blog. I find it quite enjoyable to do and always feel satisfied to publish my work on my blog. However, some people might think they could just use another student’s code for the exam. Yes, but I think it is very important to do the work yourself because this is the way you really learn and understand the concepts you learned. Even you cross a blog from others, Do Really understand the code others write and DO NOT cheat yourself. To be honest, I did not come to enroll in the SLAE32 for the certificate, but for the understanding and working with x86 assembly and shell-coding. I found the last task is quite challenging and it would be nice if you have a good understanding of Python or C. You will find it easier if you know how to code in these languages. I hope by now you would get an idea of whether this is the course that interested you. Thank you again Vivek and Pentester Academy for this course :) Happy Shellcoding!