Training Courses

CorelanĀ® Exploit Development

Corelan's world-renowned "Exploit development for Windows" classes are a unique learning experience, compiling years of rich hands-on experience into meticulously designed courses. The "Bootcamp" focuses on stack-based exploitation now 100% Windows 10 based which contains intro to x64 stack-based exploitation, and the "Advanced" course dives deep into the fascinating world of the windows heap exploitation and memory leaks now Windows 7 & 10 Heap and contains intro to x64 stack and heap exploitation. These courses cover topics that others don't teach, share private research and practical tips & tricks to become better at writing exploits for the Windows platform, and aims at inspiring you how to perform research by yourself.

Linux Kernel Internals & Development, and Exploitation & Rootkits (LKXR)

The goal of Linux Kernel Internals & Development is to enable students to develop and debug loadable kernel modules that extend the functionality of the modern 64-bit version Linux kernel.

The goal of Linux Kernel Exploitation & Rootkits (LKXR) is to provide a good understanding of offensive and defensive software development in the Linux kernel and the knowledge to detect malicious activity in the kernel and defend against it.

Windows Internal Architecture & Malware Techniques

The unique Windows Internal Architecture course takes you through a journey of Windows internals as it applies to user-mode execution i.e. applications and services. For each topic that is covered, they’re accompanied with the hands-on labs helping with observing things in action and thus solidifying the understanding of the topic.

Both courses are examined through the lens of security both from an offense and defense perspective.

The Windows Malware course takes attendees through a practical journey with a hands-on approach to teach them about the post-exploitation techniques used by PE file-based implants at every stage of their execution. The knowledge and hands-on experience will help learn about how malware and implants interact with the latest version of Windows and how the different stages of malware abuse and exploit various components of Windows OS to achieve their goals and evade defenses.

Windows Kernel Internals & Rootkits

Kernel-mode software has unrestricted access to the system. This is why most anti-malware solutions and rootkits are implemented as Windows kernel modules. To analyze rootkits, identify indicators of compromise (IoC) and collect forensic evidence it is critical to have a good understanding of the architecture and internals of the Windows kernel.

To achieve maximum stealth and obtain unabated access to the system, rootkits execute in kernel mode. This course focuses on the kernel interfaces (APIs), data structures and mechanisms that are exploited by rootkits to achieve their goals at every stage of their execution. Kernel security enhancements that have been progressively added from Windows 7 to the latest version of Windows are discussed along with some circumvention techniques.

Hands-On Threat Modeling

Threat modeling is the primary security analysis task performed during the software design stage. Threat modeling is a structured activity for identifying and evaluating application threats and vulnerabilities. The security objectives, threats, and attacks modeling activities during the threat modeling are designed to help you find vulnerabilities in your application and the supporting architecture. You can use the identified vulnerabilities to help shape your design and direct and scope your security testing.

Full-Stack Pentesting Laboratory

Modern IT systems are complex and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.

For each attack, vulnerability and technique presented in this training there is a lab exercise to help you master full-stack pentesting step by step. What’s more, when the training is over, you can take the complete lab environment home to hack again at your own pace.

Mastering Burp Suite Pro

Burp Suite Pro is the leading tool for auditing Web applications at large, but also a complex beast where new features get added every few weeks. Mastering Burp Suite Pro, including its newest features, allows testers to get the most out of the tool, optimizing time spent auditing and testing. Work will be faster (hotkeys!) and much more efficient (more tools, more possibilities!). Attendees will also learn to measure and assess the quality of their attacks, a crucial skill in real-life engagements that can make the difference between a false-negative and a critical finding.

Applied Data Science for Cyber Security

This interactive course teaches security professionals how to use data science techniques to quickly manipulate and analyze network and security data and ultimately uncover valuable insights. Topics range from data preparation and feature engineering to machine learning and implementation.

Black Belt Pentesting / Bug Hunting Millionaire (Live-Online)

Modern Web applications are complex and itā€™s all about full-stack these days. Thatā€™s why you need to dive into full-stack exploitation if you want to master Web attacks and maximize your payouts. Say ā€˜Noā€™ to classical Web application hacking. Join this unique hands-on training and become a full-stack exploitation master.

Physical Penetration Testing

In this intense five-day course, students will learn a variety of covert techniques used to enter secure commercial facilities. From lock picking and key decoding to RFID cloning and alarm sensor bypassing, students who demonstrate hands-on proficiency in key tactics will earn a Certificate of Completion.

Tactical Exploitation: Attacking Windows/Unix

This four-day course introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using a combination of new tools and lesser-known techniques, participants will learn how hackers compromise Windows and Unix systems without depending on standard exploits. The class alternates between theory and hands-on testing, providing students with an opportunity to put their new skills to the test. Course content features the latest security practices including Windows 2016 and additional WMI-based techniques.

Looking for a course that's not here? We'd love to hear your suggestions!