Windows User Mode Exploit Development (EXP-301) is an intermediate-level course that teaches students the fundamentals of modern exploit development. It starts with basic buffer overflow attacks and builds up to the skills needed to crack the critical security mitigations protecting enterprises.
Students who loved buffer overflows in Penetration Testing with Kali Linux (PEN-200) will find that EXP-301 takes those skills to the next level. This course is one of the replacements for Cracking the Perimeter (CTP), which we retired on October 15, 2020.
Course topics include:
Reverse engineering: learn how to find a bug in a binary application and build an exploit from scratch
DEP and ASLR bypasses: learn how to craft exploits for common security mitigations
Advanced return-oriented programming (ROP): learn the technique used to bypass data execution prevention
View the syllabus for the full list of course modules.
Those who complete the course and pass the 48-hour exam earn the Offensive Security Exploit Developer (OSED) certification. The OSED is one of three certifications making up the new OSCE³ certification, along with the OSWE for web application security and the OSEP for penetration testing.
Learning Objectives
Using WinDbg
Writing your own shellcode
Bypassing basic security mitigations, including DEP and ASLR
Exploiting format string specifiers
The necessary foundations for finding bugs in binary applications to create custom exploits