Course Summary
EXP-401 is the most difficult course offered by OffSec. Tackle advanced topics such as DEP and ASLR evasion, heap spraying, function pointer overwrites, and more. Earn your OffSec Exploitation Expert (OSEE) certification.
Modern exploits for Windows-based platforms require modern bypass methods to circumvent Microsoft’s defenses. In Advanced Windows Exploitation (EXP-401), OffSec challenges learners to develop creative solutions that work in today’s increasingly difficult exploitation environment.
The case studies in AWE are large, well-known applications that are widely deployed in enterprise networks. The course dives deep into topics ranging from security mitigation bypass techniques to complex heap manipulations and 64-bit kernel exploitation.
This is the hardest course we offer and it requires a significant time investment. Learners need to commit to reading case studies and reviewing the provided reading material each evening.
The following topics will be covered during the course:
• Bypass and evasion of user mode security mitigations such as DEP, ASLR, CFG, ACG and CET
• Advanced heap manipulations to obtain code execution along with guest-to-host and sandbox escapes
• Disarming WDEG mitigations and creating version independence for weaponization
• 64-Bit Windows Kernel Driver reverse engineering and vulnerability discovery
• Bypass of kernel mode security mitigations such as kASLR, NX, SMEP, SMAP, kCFG and HVCI
Other Popular Courses
Executive Cyber Risk Certification (ECRC)
- Duration: 2 Days
- Language: English
- Level: Intermediate
- Exam: ECRC
Mastering Communication & Presentation Te...
- Duration: 4 Days
- Language: Danish
- Level: Intermediate
- Exam: MCPT
Next Generation Mindfulness
- Duration: 1 Days
- Language: English
- Level: Foundation
- Exam: NGM