×
OffSec

EXP-401: Advanced Windows Exploitation

OffSec is the global leader in cybersecurity skills and workforce development, certification, and the creator and stewards of Kali Linux. Phoenix TS takes great pride in being recognized as a leading official OffSec Training Provider!

BONUS! Cyber Phoenix Subscription Included: All Phoenix TS students receive complimentary ninety (90) day access to the Cyber Phoenix learning platform, which hosts hundreds of expert asynchronous training courses in Cybersecurity, IT, Soft Skills, and Management and more!

Course Overview

OSEE Certification In Advanced Windows Exploitation (EXP-401), OffSec challenges learners to develop creative solutions that work in today’s increasingly difficult exploitation environment. The case studies in AWE are large, well-known applications that are widely deployed in enterprise networks. The course dives deep into topics ranging from security mitigation bypass techniques to complex heap manipulations and 64-bit kernel exploitation. AWE is a particularly demanding penetration testing course. It requires a significant amount of learner-instructor interaction. Therefore, we limit AWE courses to an in-person, hands-on environment.

This is the hardest course we offer and it requires a significant time investment. Learners need to commit to reading case studies and reviewing the provided reading material each evening. Upon finishing this course, participants will achieve the following:

  • Acquire the capability to analyze vulnerabilities present in contemporary Windows operating systems.
  • Master techniques for pinpointing flawed code segments within software applications.
  • Hone the expertise necessary to craft operational exploits tailored to vulnerabilities detected within modern Windows environments.

Schedule

Advanced Windows Exploitation (EXP-401), is OffSec’s most challenging course available, and is taught by the world’s best cybersecurity instructors. Seating is very limited. Please call 301-258-8200 – Option 4 for upcoming public classes and seat availability or to schedule a private on-site class for your organization.

Program Level

Advanced

Prerequisites

  • Participants should be experienced in developing windows exploits and understand how to operate a debugger.
  • Familiarity with WinDBG, x86_64 assembly, IDA Pro and basic C/C++ programming is highly recommended.
  • A willingness to work and put in real effort will greatly help students succeed in this security training course.

Course Outline

Custom Shellcode Generation

Crafting Exploit Scripts

Building Shellcode Frameworks

Reversing Shell Connections

VMware Workstation Escape from Guest to Host

Data Execution Prevention (DEP) Techniques

Escaping VMware Workstation’s Guest-to-Host Environment

Manipulating Driver Callbacks

Address Space Layout Randomization (ASLR) Techniques

Understanding VMware Workstation’s Internal Mechanisms

Analyzing the Windows Heap Memory Management

Exploring the Low Fragmentation Heap

Restoring Control Flow

Utilizing Windows Defender Exploit Guard

Mitigating Return-Oriented Programming (ROP) Attacks

Handling Unsanitized User-Mode Callbacks

Exam Information

  • Participants who complete EXP-401 and pass the exam will earn the Offensive Security Exploitation Expert (OSEE) certification.
  • The OSEE exam assesses not only the course content, but also the ability to think laterally and adapt to new challenges.
  • The virtual lab environment has a limited number of target systems. The software within contains specific, unknown vulnerabilities. Students have 72 hours to develop and document exploits. The exam requires a stable, high-speed internet connection.
  • You must submit a comprehensive penetration test report as part of the exam. It should contain in-depth notes and screenshots detailing the steps taken and the exploit methods used
 

 

BONUS! Cyber Phoenix Subscription Included: All Phoenix TS students receive complimentary ninety (90) day access to the Cyber Phoenix learning platform, which hosts hundreds of expert asynchronous training courses in Cybersecurity, IT, Soft Skills, and Management and more!

Phoenix TS is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints re-garding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site: www.nasbaregistry.org

Subscribe now

Get new class alerts, promotions, and blog posts

Phoenix TS needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.

Download Course Brochure

Enter your information below to download this brochure!

Name(Required)