Advanced Windows Exploits (EXP-401)

Venue:

Radisson Blu Hotel, Riyadh Qurtuba
Al Thumama Road, Riyadh, 11263, Saudi Arabia

Timings:

• Registration starts at 8am
• Training from 9am to 5pm

Topics:

• Bypass and evasion of user mode security mitigations such as DEP, ASLR, CFG, ACG and CET
• Advanced heap manipulations to obtain code execution along with guest-to-host and sandbox escapes
• Disarming WDEG mitigations and creating version independence for weaponization
• 64-Bit Windows Kernel Driver reverse engineering and vulnerability discovery
• Bypass of kernel mode security mitigations such as kASLR, NX, SMEP, SMAP, kCFG and HVCI

Overview

Advanced Windows Exploitation provides an in-depth and hardcore drill down into topics ranging from precision heap reallocation to DEP, ASLR, CFG and ACG bypass techniques to real-world 64-bit kernel exploitation. This course is extremely hands-on and includes a lab environment that is tailored to challenge and bring the most out of you. The case studies covered include vulnerabilities discovered by the research team or exploits written by Offensive Security.

Modern exploits for Windows-based platforms require modern bypass methods to circumvent Microsoft’s defenses. In Advanced Windows Exploitation (EXP-401), OffSec challenges students to develop creative solutions that work in today’s increasingly difficult exploitation environment.
The case studies in AWE are large, well-known applications that are widely deployed in enterprise networks. The course dives deep into topics ranging from precision heap spraying to DEP and ASLR bypass techniques to 64-bit kernel exploitation.

Who Should Take This Course:

Security Researchers, Exploit Developers, Malware Reverse Engineers and Security Professionals who wants to obtain cutting edge knowledge of binary exploits