About Course
Windows User-Mode Exploit Development (EXP-301) Course, Training and Certification
OffSec’s Windows User-Mode Exploit Development (EXP-301) course covers contemporary exploit development methodology on Windows. In a self-paced environment designed to build skills in ethical hacking and vulnerability research, students gain hands-on experience reverse engineering vulnerable applications, writing custom exploits and bypassing security mitigations.
The OffSec Exploit Developer (OSED) certification is awarded on completion of the online course and a pass in the accompanying exam. It verifies skills in advanced exploit development techniques such as reverse engineering, shellcode authoring and bypassing contemporary mitigations, which makes certified personnel valuable for finding and fixing vulnerabilities in software applications.
Course Outline
- WinDbg Tutorial
Master the powerful WinDbg debugger to effectively analyze crashes, investigate memory dumps, and identify vulnerabilities in Windows applications.
- Stack Buffer Overflows
Understand the mechanics of stack buffer overflows and learn how to exploit them to gain control of vulnerable programs.
- Exploiting SEH Overflows
Delve into Structured Exception Handler (SEH) overflows, a stack overflow variant in which the overwrite reaches an exception handler record rather than the return address, and master the techniques (short jumps and POP POP RET gadgets) used to turn them into code execution.
- Intro to IDA Pro
Familiarize yourself with IDA Pro, a leading disassembler and debugger, essential for reverse engineering software binaries and uncovering vulnerabilities.
- Overcoming Space Restrictions
Egghunters: learn how to work around payload space limitations with an egghunter, a small first-stage stub that searches process memory for a tag (the egg) marking a larger second-stage shellcode placed elsewhere in the process, and jumps to it.
- Shellcode From Scratch
Develop the skills to write your own custom shellcode, enabling you to perform specific actions on compromised systems.
- Reverse-Engineering Bugs
Learn how to systematically analyze software binaries to identify and understand vulnerabilities that can be exploited.
- Stack Overflows and DEP/ASLR Bypass
Master advanced techniques for exploiting stack overflows when Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) are enabled, using return-oriented programming to bypass DEP and information leaks to defeat ASLR.
- Format String Specifier Attacks
Understand and exploit format string vulnerabilities, where attacker-controlled format specifiers let an attacker read (for example with %x or %s) or write (with %n) arbitrary memory locations.
- Custom ROP Chains and ROP Payload Decoders
Learn how to construct custom Return-Oriented Programming (ROP) chains to bypass security defenses, and build ROP payload decoders that reconstruct in memory a chain containing bytes (bad characters) the target's input handling would otherwise corrupt.
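The stack buffer overflow module above comes down to one workflow: send a cyclic pattern, read the value that lands in EIP when the target crashes, and map it back to the offset of the return address. The following is an added example written for this page, not course material or OffSec code. It implements Metasploit-style pattern_create and pattern_offset in C and runs them against a model of a 32-bit stack frame (a 64-byte buffer, saved EBP, return address), so the offset can be verified offline without a debugger. The frame layout and the 200-byte payload length are assumptions for the demonstration.

```c
/* Added example, not part of the EXP-301 course materials: the stack overflow
 * workflow "send a cyclic pattern, read the crashed EIP, compute the offset",
 * run against a model of a 32-bit stack frame so it is testable offline. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PATTERN_MAX 20280  /* 26 * 26 * 10 three-byte triples */

/* Generate the classic "Aa0Aa1Aa2..." cyclic pattern into out (len bytes, not
 * NUL-terminated). Every 4-byte window is unique, so any dword that lands in
 * a register maps back to exactly one offset. */
static void pattern_create(char *out, size_t len) {
    size_t pos = 0;
    for (char a = 'A'; a <= 'Z' && pos < len; a++)
        for (char b = 'a'; b <= 'z' && pos < len; b++)
            for (char c = '0'; c <= '9' && pos < len; c++) {
                const char triple[3] = { a, b, c };
                for (int i = 0; i < 3 && pos < len; i++)
                    out[pos++] = triple[i];
            }
}

/* Given the value the debugger showed in EIP, return the offset of those four
 * bytes within a pattern of pattern_len bytes, or -1 if not present. */
static long pattern_offset(uint32_t eip, size_t pattern_len) {
    static char pattern[PATTERN_MAX];
    unsigned char needle[4];
    if (pattern_len > PATTERN_MAX) pattern_len = PATTERN_MAX;
    pattern_create(pattern, pattern_len);
    for (int i = 0; i < 4; i++)            /* x86 stores the dword little-endian */
        needle[i] = (unsigned char)((eip >> (8 * i)) & 0xff);
    for (size_t i = 0; i + 4 <= pattern_len; i++)
        if (memcmp(pattern + i, needle, 4) == 0) return (long)i;
    return -1;
}

/* Model (an assumption for this example) of a vulnerable function's stack
 * frame: a 64-byte local buffer followed by the saved frame pointer and the
 * return address, as laid out on 32-bit x86. */
struct frame {
    char buf[64];
    uint32_t saved_ebp;
    uint32_t ret;
};

/* Simulate an unbounded copy into buf: bytes past the buffer overwrite
 * saved_ebp and ret. Returns the value `ret` would pop into EIP, assembled
 * little-endian as the CPU would read it. */
static uint32_t crash_eip(const char *payload, size_t len) {
    struct frame f;
    unsigned char b[4];
    memset(&f, 0, sizeof f);
    memcpy(&f, payload, len < sizeof f ? len : sizeof f);  /* the "overflow" */
    memcpy(b, &f.ret, 4);
    return (uint32_t)b[0] | (uint32_t)b[1] << 8 | (uint32_t)b[2] << 16 | (uint32_t)b[3] << 24;
}

/* End to end: send a pattern of payload_len bytes, take the EIP value from the
 * crashed frame and map it back to the offset at which the return address
 * lives. For struct frame this is 68 (64-byte buffer + 4-byte saved EBP). */
static long find_ret_offset(size_t payload_len) {
    char payload[PATTERN_MAX];
    if (payload_len > PATTERN_MAX) payload_len = PATTERN_MAX;
    pattern_create(payload, payload_len);
    return pattern_offset(crash_eip(payload, payload_len), payload_len);
}

int main(void) {
    char payload[200];
    pattern_create(payload, sizeof payload);
    printf("EIP after crash      : 0x%08x\n", crash_eip(payload, sizeof payload));
    printf("return address offset: %ld\n", find_ret_offset(sizeof payload));
    return 0;
}
```

Against a real target the pattern goes into the network request or file the program parses and the EIP value is read from WinDbg; the only part that changes is where crash_eip's input comes from. The 4-byte window uniqueness only holds within one 20280-byte pattern, so a payload longer than that needs a different approach.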
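The shellcode module above covers writing position-independent Windows shellcode, which cannot embed API names or fixed addresses and instead locates exports by a hash of their name. The following is an added example written for this page, not course material or OffSec code: it implements in C the ROR13 name hash used by that style of shellcode (rotate the running hash right by 13, add the next byte, stop at the NUL) and resolves a function by hash against a constructed stand-in for an export table. The export names are real kernel32 exports; the RVAs next to them are made-up sample values.

```c
/* Added example, not course code: the ROR13 export-name hash that position-
 * independent Windows shellcode uses to find API functions without carrying
 * their names, plus a lookup against a constructed stand-in for an export table. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Rotate a 32-bit value right by n bits, the effect of the x86 `ror` instruction. */
static uint32_t ror32(uint32_t v, unsigned n) {
    n &= 31;
    return n ? (v >> n) | (v << (32 - n)) : v;
}

/* Hash an export name the way the shellcode's inner loop does: for each byte
 * up to (not including) the terminating NUL, rotate the running hash right by
 * 13 and add the byte. The shellcode embeds only the resulting 4-byte constant. */
static uint32_t api_hash(const char *name) {
    uint32_t h = 0;
    for (const unsigned char *p = (const unsigned char *)name; *p; p++)
        h = ror32(h, 13) + *p;
    return h;
}

/* Constructed stand-in for kernel32's export table. Real shellcode walks the
 * module's PE export directory in memory; the RVAs here are made-up sample values. */
struct export_entry { const char *name; uint32_t rva; };
static const struct export_entry sample_exports[] = {
    { "CreateFileA",      0x00011111 },
    { "LoadLibraryA",     0x00022222 },
    { "WinExec",          0x00033333 },
    { "TerminateProcess", 0x00044444 },
};
#define N_EXPORTS (sizeof sample_exports / sizeof sample_exports[0])

/* Resolve an export by hash: hash every name in the table and return the RVA
 * of the first match, or -1 if none. This is why the hash, not the string,
 * is what gets hard-coded in the payload. */
static int64_t resolve_by_hash(uint32_t wanted) {
    for (size_t i = 0; i < N_EXPORTS; i++)
        if (api_hash(sample_exports[i].name) == wanted)
            return (int64_t)sample_exports[i].rva;
    return -1;
}

int main(void) {
    for (size_t i = 0; i < N_EXPORTS; i++)
        printf("%-17s -> 0x%08x\n", sample_exports[i].name,
               api_hash(sample_exports[i].name));
    printf("resolve(0x%08x) = 0x%llx\n", api_hash("WinExec"),
           (long long)resolve_by_hash(api_hash("WinExec")));
    return 0;
}
```

The hash for WinExec comes out as 0x0e8afe98, the constant found in many public shellcode samples that use this algorithm, which is a quick way to confirm a hand-written implementation matches the one in the assembly. Because the shellcode takes the first export whose hash matches, a new hash should be checked against the whole export table of the target module for collisions before it is hard-coded.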
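The last module above mentions ROP payload decoders. The problem they solve: a gadget address in the chain may contain a byte the target filters or mangles (a bad character), so the chain is sent in encoded form together with a short decoder that restores it in place before execution reaches it. The following is an added example written for this page, not course material or OffSec code. It encodes a constructed sample chain against a constructed bad-character set, models the decoder as a list of (offset, key) operations and replays it to show the original chain coming back. This variant XORs each dirty dword with a per-dword key; add/sub based decoders follow the same pattern.

```c
/* Added example, not course code: encoding a ROP chain so it contains no bad
 * characters, and the decoder that restores it in memory before it runs. XOR
 * keys are used here; add/sub based decoders work the same way. Both the
 * bad-character set and the sample chain are constructed for this example. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_CHAIN 16

/* Constructed bad-character set: NUL plus the whitespace bytes a line-oriented
 * text protocol would strip or split on. Replace with the target's real set. */
static const uint8_t badchars[] = { 0x00, 0x0a, 0x0d, 0x20 };

static bool is_bad(uint8_t b) {
    for (size_t i = 0; i < sizeof badchars; i++)
        if (badchars[i] == b) return true;
    return false;
}

static bool has_bad(uint32_t v) {
    for (int i = 0; i < 4; i++)
        if (is_bad((uint8_t)(v >> (8 * i)))) return true;
    return false;
}

/* Choose a key for dword d byte by byte so that neither the key byte nor the
 * encoded byte is bad: the key travels in the payload too, so it is subject
 * to the same filter as the chain itself. */
static bool find_key(uint32_t d, uint32_t *key) {
    uint32_t k = 0;
    for (int i = 0; i < 4; i++) {
        uint8_t db = (uint8_t)(d >> (8 * i));
        int c;
        for (c = 1; c < 256; c++)
            if (!is_bad((uint8_t)c) && !is_bad((uint8_t)(db ^ c))) break;
        if (c == 256) return false;
        k |= (uint32_t)c << (8 * i);
    }
    *key = k;
    return true;
}

/* One decoder step: XOR key into the dword at byte offset `offset` of the
 * chain. On the target each step is a few gadgets (load the key, xor it into
 * [base + offset], advance the pointer); here it is data we can replay. */
struct decoder_op { size_t offset; uint32_t key; };

struct rop_payload {
    uint32_t words[MAX_CHAIN];         /* the chain as sent: encoded where needed */
    size_t nwords;
    struct decoder_op ops[MAX_CHAIN];  /* the decoder stub's work list */
    size_t nops;
};

/* Encode: clean dwords pass through untouched; each dirty dword is XORed with
 * a key and a decoder op is recorded to undo that in place at runtime. */
static bool encode_chain(const uint32_t *chain, size_t n, struct rop_payload *out) {
    if (n > MAX_CHAIN) return false;
    memset(out, 0, sizeof *out);
    out->nwords = n;
    for (size_t i = 0; i < n; i++) {
        uint32_t key;
        out->words[i] = chain[i];
        if (!has_bad(chain[i])) continue;
        if (!find_key(chain[i], &key)) return false;
        out->words[i] = chain[i] ^ key;
        out->ops[out->nops++] = (struct decoder_op){ i * 4, key };
    }
    return true;
}

/* Replay the decoder. On the target this must finish before `ret` reaches the
 * first encoded gadget, so the decoder gadgets sit ahead of the encoded part
 * and must themselves be free of bad characters. */
static void run_decoder(struct rop_payload *p) {
    for (size_t i = 0; i < p->nops; i++)
        p->words[p->ops[i].offset / 4] ^= p->ops[i].key;
}

/* Everything that crosses the wire (encoded dwords and decoder keys) must be clean. */
static bool payload_is_clean(const struct rop_payload *p) {
    for (size_t i = 0; i < p->nwords; i++)
        if (has_bad(p->words[i])) return false;
    for (size_t i = 0; i < p->nops; i++)
        if (has_bad(p->ops[i].key)) return false;
    return true;
}

/* Constructed sample chain: two gadget addresses with bad bytes, one clean. */
static const uint32_t sample_chain[] = { 0x1000200d, 0x62500a31, 0x41424344 };
#define SAMPLE_LEN (sizeof sample_chain / sizeof sample_chain[0])

static size_t sample_op_count(void) {
    struct rop_payload p;
    return encode_chain(sample_chain, SAMPLE_LEN, &p) ? p.nops : 0;
}

/* Round trip: encode, verify clean, decode, compare with the original chain. */
static bool roundtrip_ok(void) {
    struct rop_payload p;
    if (!encode_chain(sample_chain, SAMPLE_LEN, &p) || !payload_is_clean(&p)) return false;
    run_decoder(&p);
    return memcmp(p.words, sample_chain, sizeof sample_chain) == 0;
}

int main(void) {
    struct rop_payload p;
    encode_chain(sample_chain, SAMPLE_LEN, &p);
    for (size_t i = 0; i < p.nwords; i++)
        printf("%zu: 0x%08x -> 0x%08x\n", i, sample_chain[i], p.words[i]);
    printf("decoder ops: %zu, round trip %s\n", p.nops, roundtrip_ok() ? "ok" : "FAILED");
    return 0;
}
```

Two practical caveats follow from the model: the decoder writes to the memory the chain lives in, so that region (normally the stack) must be writable, and every gadget address used by the decoder itself still has to pass the bad-character filter, otherwise the decoder needs a decoder.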
Who is it For?
The EXP-301 course is suited for individuals with a strong background in penetration testing and programming who want to master exploit development techniques and earn the OSED certification.
Exam Details
The OffSec Exploit Developer (OSED) exam is a rigorous 48-hour proctored assessment in which you are given several vulnerable systems that replicate a real network. You must exploit these systems and document the exploitation in a report.