Why You Should Take Exploit Dev:
As indicated by the fact that Exploit Development classes are always sold out at the major conferences worldwide, there is a huge interest in this topic. Unlike the conferences, we offer a much more in-depth and comprehensive class for exploit development. This class takes participants from “novice” to “advanced” in 5 days. We begin the class with lower level, easy to grasp topics and then expand on those rapidly throughout the week. Again, compared to a two-day class, this five-day course goes deeper and expands out wider to produce better results for the student at the end of the week.
We offer Exploit Development training at our two locations in the D.C. Metro area: Greenbelt, MD and Ashburn, VA. Exploit Development is a 5-day course that takes participants from minimal exposure to advanced concepts. The course will begin with simple, familiar concepts and expand rapidly into new more advanced areas.
Students do not need vast programming experience to participate in Exploit Development training. Templates will be provided for each exploit with the intent being to cut down on raw programming time in class, and instead focusing more on the methodology and mindset that goes into writing the different exploits.
Here are some of the topics to look forward to:
- Stack Overflows (in both Linux and Windows)
- Abusing Structured Exception Handlers on Windows
- Shellcoding Tricks (Negative jumps, egg hunters, fragmented shellcode)
- Browser Exploits
- PDF Exploits
- ROP Exploits
Recommended Training Audience and Prerequisites
For students with a limited programming background and experience, worry not! Templates are provided for each exploit with the intent being to cut down on the raw programming time in class, and instead focusing more on the methodology and mindset that goes into writing these different exploits. By taking this approach, students can expect to learn and to execute 12-15 exploits throughout the class.
It is highly recommended that students have approximately two years of hacking or cyber security experience.
This course is appropriate for Advanced IT Security Professionals (deep technical), IT Security Assessors (Penetration Testers), Application Developers, and Intrusion Analysts.
Skills and Concepts:
Topics & Concepts Covered in Exploit Development Training Include:
- Stack Overflows in Linux with GDB
- Structured Exeption Handler Exploits
- Egghunters in Windows & Linux
- Browser & PDB Exploits
- Bypassing DEP & ASLR
- Return Oriented Programming
- Kernel Exploitation