From £1,450+ VAT
Book online today or, if you need help choosing the right course or would like to discuss business discounts, call us on 0113 220 7150.
Overview
Windows User Mode Exploit Development (EXP-301) is an intermediate course designed for those who want to learn about exploit development skills. For advanced pentesting, consider taking Evasion Techniques and Breaching Defences (PEN-300). For web application security, try Advanced Web Attacks and Exploitation (WEB-300).
Topics covered in EXP-301 include:
- WinDbg tutorial
- Stack buffer overflowsExploiting SEH overflows
- Intro to IDA Pro
- Overcoming space restrictions: Egghunters
- Shellcode from scratch
- Reverse-engineering bugs
- Stack overflows and DEP/ASLR bypass
- Format string specifier attacks
- Custom ROP chains and ROP payload decoders
Included in the course
- 15+ hours of video
- 600+ page course guide
- Active student forums
- Access to virtual lab environment – 90 days
Prerequisites
All students should have the following prerequisite skills before starting the course:
- Familiarity with debuggers (ImmunityDBG, OllyDBG)
- Familiarity with basic exploitation concepts on 32-bit
- Familiarity with writing Python 3 code
The following optional skills are recommended:
- Ability to read and understand C code at a basic level
- Ability to read and understand 32-bit Assembly code at a basic level
Objectives
Windows User Mode Exploit Development (EXP-301) is an intermediate-level exploit development course that serves to build a solid foundation for students wanting to pursue Advanced Windows Exploitation.
- Learn to use WinDbg
- Learn to riting your own shellcode
- Bypassing basic security mitigations, including DEP and ASLR
- Exploiting format string specifiers
- The necessary foundations for finding bugs in binary applications to create custom exploits
You are most likely to benefit if you are a:
- Penetration tester
- Exploit developer
- Security researcher
- Malware analyst
- Software developer working on security products, like antivirus software
What's included
- Exam included
QA is proud to be the UK official partner with Offensive Security.
Click here to view all our OffSec courses.
Click here to view the Learn Online subscriptions.
Why choose QA
- Award-winning training, top NPS scores
- Nearly 300,000 learners in 2020
- Our training experts are industry leaders
- Read more about QA
Special Notices
This course can be purchased via an OffSec LearnOne or Unlimited Subscription;
- https://www.qa.com/course-catalogue/products/offensive-security-learn-one-qaoffseclmsool/
- https://www.qa.com/course-catalogue/products/offensive-security-learn-unlimited-qaoffseclmsuol/
Cyber Security learning paths
Want to boost your career in cyber security? Click on the roles below to see QA's learning pathways, specially designed to give you the skills to succeed.