Exploit Development Training

Exploitation is becoming more difficult because each update to Windows and other operating systems introduces new mitigations to guard against system compromise. Windows introduced Virtualization-Based Security (Memory Protection), which also includes hardware- and firmware-level security through modules, namely Memory Access Protection and Memory Integrity Protection. In Windows 10, Microsoft released the Exploit Protection module, which includes Control Flow Guard, Arbitrary Code Guard and the Win32k SysCall Disabler, and hardware security mechanisms appear in Windows 11 (Secure Boot and use of the TPM).

Difficulty Level

BIOS and Driver Exploitation
Kernel and Application Exploitation
Local Application (Stack/Heap) Exploitation

About Course

This course is designed for people looking to begin a career in exploit development. All of the fundamentals are addressed in this course, along with practical examples of how buffer overflows and memory behave in operating systems. The main focus of the course is understanding the internals of the Windows operating system (x86) and how its DLLs work. It also covers the workings of the GDT, IDT and LDT, and provides a proper understanding of Real and Protected modes, as well as the Control Unit and general-purpose registers.

Course Prerequisites
  • Basic knowledge of C/C++ and Python 2.x/3.0
  • Basic understanding of operating systems
  • Familiarity with working in a Windows environment
Computer System Requirements
  • 6 GB RAM or Above
  • Windows 10 Operating System as a Host Machine
  • VMware Workstation 15 or above
  • 60 GB HDD Free space

 

This Course is For

This course is specifically designed for those who want to understand how buffer overflows work and are interested in writing code to try and control applications that cause buffer overflows, as well as those who want to perform fuzzing and efficiency testing on applications running on the Windows operating system.

Who should enroll for this course?
  • Quality Testers
  • Exploit Developers
  • Vulnerability Managers
  • Penetration Testers

Course Modules

This course is the initial step toward entering the exploit development field. It will cover the fundamentals of exploit development as well as buffer overflows. Practical buffer overflow work will be performed on the x86 architecture.

  • Introduction to Assembly (x86 and x86_64)
  • Introduction to Debuggers (User Mode and Kernel Mode)
  • Introduction to Exploit Development and its Mitigations (EMET and Windows Defender Exploit Guard)
  • Implementation of Stack-based overflows and resumption of execution
  • Integer-based overflows
  • String-based overflows
  • Pointer-based overflows
  • ROP Chain Generation
  • Introduction to x86_64 Windows heap structure
  • Bypassing ASLR on Windows 10 (x86)

About Course

Exploit Development Expert is an intermediate-level course. It is specially designed for developing stack- and heap-level exploits, with several mitigation bypasses at user mode (SEH, SEHOP, Heap Spray, DEP, ASLR, JIT Spray). Only the x86 architecture and exploit development for it are covered in this course.

Course Prerequisites
  • Familiarity with Bash, VBS, Java and Python scripting
  • Familiarity with the Java, C/C++ and C# programming languages
  • Hands-on experience with debuggers (WinDbg, x64dbg/Immunity and OllyDbg)
  • Understanding of networks and the basics of exploitation
  • Basic knowledge of reverse engineering
Computer System Requirements
  • 64-bit CPU host Windows 10/11
  • 8 GB RAM or Above
  • 120 GB HDD of free space
  • VMware Workstation

This Course is For

This course is intended for those interested in pursuing a career in advanced exploit development and approaching hardware-level exploitation. The primary aim of this course is to attack the x86 architecture and gain expertise in customized undetectable shellcode development.

Who should enroll for this course?
  • Security Researchers
  • Bug Hunters
  • Network Administrators
  • Vulnerability Assessors
  • Risk Managers

Course Modules

All of the course information is based on real-world vulnerabilities, case studies, and researchers. All modules and processes will be based on the x86 architecture.

  • Bypassing Structured Exception Handling and Overwrite Protection
  • Bypassing space limitations to execute exploit code
  • Creating custom shellcode using ROP for code reusability
  • Bypassing user mode NX/ASLR and stack cookie/Unicode
  • Working of x86_64 architectures and their overflows
  • Memory Pointer Leaks and Use-after-Free
  • Introduction to Kernel Debugging

About Course

This course is designed for candidates who have knowledge of and hands-on experience with exploit development. It covers advanced-level exploitation and the latest mitigations applied by security researchers. This course also includes several case studies and research projects, as well as 0-day vulnerability assessment and exploitation.

Course Prerequisites
  • Must have a strong grip on C#, C/C++ and Python 3.0
  • Familiarity with kernel and user mode debuggers (x64dbg, WinDbg, IDA Pro)
  • Hands-on experience with exploit development (ASLR, DEP)
  • Understanding of how the operating system works and its architecture/assembly (x86_64)
  • Basic understanding of hardware and virtual memory and how they work
  • Ready to test your limits
Computer System Requirements
  • 8th Gen/Ryzen™ 3 Processor (64-bit with support for TPM 2.0, SMM, Secure Boot, VT-x/EPT, VT-d, NX, SGX and Mode-Based Execution Control) or Above
  • 16 GB RAM (DDR4/5) or Above
  • 256 GB HDD/SSD Free space or Above
  • VMware Workstation 16 or Above

This Course is For

This course is specifically created for people who are interested in exploit development and are prepared to spend hours upon hours learning about the internals of programmes and their processes.

Who should enroll for this course?
  • Security Researchers
  • Exploit Developers
  • Bug Hunters
  • Vulnerability Assessors
  • Operating System Developers

Course Modules

This course is updated with each major security update release for the Windows operating system or at the kernel/hardware level. This course is designed only for x86_64.

  • Bypassing the Windows Exploit Protection Module (CFG, ACG, CIG, SimExec, EAF, DEP)
  • Exploiting Virtualization-Based Security and kernel mode security (WSL2, Windows Sandbox)
  • Bypassing DMA (Direct Memory Access) Protection and Secure boot
  • Exploiting Windows 11 Drivers and Windows Applications

Feel Free to Ask

Exploit development is the art of manipulating a limited region of an application/kernel and obtaining the desired result utilizing a skill set.
