Developing a Windows exploit

Attackers must have a fair understanding of assembly language to develop custom exploits. In this section, we will cover some of the basics required to develop a Windows exploit by building a vulnerable application.

From the exploit development perspective, the following are the basic terms that penetration testers must understand when they develop an exploit:

  • Registers: These are small storage locations inside the processor. All processes execute via registers, which hold the data and addresses the CPU is currently working with.
  • x86: This refers to 32-bit systems, which are mostly Intel-based; 64-bit systems are referred to as x64.
  • Assembly language: This is a low-level programming language whose instructions map closely to what the processor executes.
  • Buffer: This is a fixed-size region of memory in a program that holds data on the stack or the heap.
  • Debugger: Debuggers are programs that let you observe a program at runtime while it executes, including the state of its registers and memory. The tools we will be using are Immunity Debugger, GDB, and OllyDbg.
  • Shellcode: This is the code written by the attacker that is executed on successful exploitation.

The following are the different registers, along with two instructions you will see often:

  • EAX: This is a 32-bit register that is used as an accumulator and stores data and operands
  • EBX: This is a 32-bit base register that acts as a pointer to data
  • ECX: This is a 32-bit counter register that is used for looping
  • EDX: This is a 32-bit data register that stores I/O pointers
  • ESI/EDI: These are 32-bit source and destination index registers that act as data pointers for memory operations
  • EBP: This is a 32-bit stack base (frame) pointer register
  • Extended Instruction Pointer (EIP): This is the 32-bit program counter/instruction pointer that holds the address of the next instruction to be executed
  • Extended Stack Pointer (ESP): This is a 32-bit stack pointer register that points to the current top of the stack
  • SS, DS, ES, CS, FS, and GS: These are 16-bit segment registers
  • NOP: This stands for no operation, an instruction that does nothing and falls through to the next one
  • JMP: This is the jump instruction, which transfers execution to another address
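The following is an added illustration, not the book's vulnerable application: the classic fixed-size stack buffer filled by an unchecked copy, next to a bounds-checked version that refuses input which does not fit. The function and buffer names are assumptions chosen for the example, and the layout comment reflects the usual x86 cdecl frame (buffer, then saved EBP, then the saved return address that RET loads into EIP).

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed example. On x86 the local 'buf' lives on the stack just
 * below the saved EBP and the saved return address, so a copy that
 * writes past the end of 'buf' overwrites those saved values; that is
 * the defect a debugger such as Immunity Debugger or GDB makes visible. */

#define BUF_SIZE 64

/* The vulnerable pattern: the copy has no length check at all. */
void vulnerable_copy(const char *input)
{
    char buf[BUF_SIZE];          /* fixed-size stack buffer            */
    strcpy(buf, input);          /* writes strlen(input)+1 bytes, whatever BUF_SIZE is */
    printf("copied: %s\n", buf);
}

/* Hardened form: refuse any input that does not fit, including the
 * terminating NUL. Returns 0 on success, -1 if it would overflow. */
int checked_copy(char *dst, size_t dst_size, const char *input)
{
    size_t len = strlen(input);
    if (dst_size == 0 || len >= dst_size)   /* needs len + 1 bytes */
        return -1;
    memcpy(dst, input, len + 1);
    return 0;
}

/* Same stack layout as vulnerable_copy, but the copy is bounded. */
int safe_copy(const char *input)
{
    char buf[BUF_SIZE];
    if (checked_copy(buf, sizeof buf, input) != 0)
        return -1;               /* oversized input rejected, nothing written */
    printf("copied: %s\n", buf);
    return 0;
}

int main(void)
{
    char oversized[BUF_SIZE + 32];               /* constructed input */
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';
    safe_copy("hello");                          /* fits: copied        */
    return safe_copy(oversized) == -1 ? 0 : 1;   /* too long: rejected  */
}
```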