Center for Cyber Security Training LLC is happy to bring you EXPLOIT DEVELOPMENT in partnership with Corelan GCV. We're excited to announce two public classes with limited availability: Advanced on January 28-31, 2019, and Bootcamp on a future date. The registration forms specify all the details, and the link can be found under each abstract.
- Course contents are subject to change. Both this website and www.corelan-training.com site.
- You will be required to sign a confidentiality agreement at the start of the course. You will not be admitted to the course without signing this document. You can find a copy of the document here.
- We do not provide solutions for any of the exercises in this course, but we will help you to find the solutions yourself, either during the course or after the course (via the
ADVANCED EXPLOIT DEVELOPMENT
The “ADVANCED” exploit development class is a fast-paced, mind-bending, hands-on course where you will learn advanced exploit development techniques from an experienced exploit developer. During this 4-day course, students will get the opportunity to learn how to write exploits that bypass modern memory protections for the Win32 platform. The trainer will share his “notes from the field” and various tips & tricks to become more effective at
This is most certainly not an entry-level course. In fact, this is one of the finest and most advanced courses you will find on Win32 exploit development.
This hardcore, practical, hands-on course will provide students with a solid understanding of current Win32 exploitation & memory protection bypass techniques, with a strong focus on the Windows heap. We make sure the course material is kept updated with current techniques, includes previously undocumented tricks and techniques, and details about research we performed ourselves. Combined with the way the course is built up, this will turn this class into a truly unique learning experience.
During all of our courses, we don’t just focus on techniques and mechanics, but we also want to make sure you understand why a given technique is used, why something works and why something doesn’t work.
Date: January 28-31, 2019
Location: Columbia, Maryland
Registration: Registration Form
ASLR & DEP Refresher
Heap Feng Shui & heaplib
Precise Heap Spraying in modern browsers
Heap Exploitation (Internet Explorer as an example)
Exploiting Browser Use-After-Free conditions
Memory leaks / Information Disclosure
Heap Overflows, Heap Manipulations and primitives
Students NEED to:
- be able to read simple C code and simple scripts
- truly master all basic concepts of exploit development, as listed in our “BOOTCAMP” course. If you have taken the Bootcamp course and done a lot of practice after taking the class, then you’re probably ready for this class.
- be familiar with ROP (i.e. understand how it works on Windows, know how to build a ROP chain, know how to use mona.py to generate a chain and how to fix the chain if it doesn’t work)
- be familiar with using debuggers (we’ll use WinDBG for most of the course, but we’ll spend some time explaining the basics of using WinDBG. It is assumed that you have practical experience with Immunity Debugger and mona.py)
- be ready to dive into a debugger and read asm for hours and hours and hours
- be ready to think out of the box and have a strong desire to learn
- be fluent with managing Windows / Linux operating systems and with using VMware Workstation/VirtualBox
- be familiar with using Metasploit to generate shellcode
- have basic practical knowledge of assembly
It’s imperative for students to comply with these prerequisites.