EXP-401: Advanced Windows Exploitation
Learn to develop creative solutions that work in today’s increasingly difficult exploitation environment with EXP-401 certifications.
About The Course
Modern exploits for Windows-based platforms require modern bypass methods to circumvent Microsoft’s defenses. In Advanced Windows Exploitation (EXP-401), OffSec challenges students to develop creative solutions that work in today’s increasingly difficult exploitation environment.
- Bypass and evasion of user mode security mitigations such as DEP, ASLR, CFG, ACG and CET
- Advanced heap manipulations to obtain code execution along with guest-to-host and sandbox escapes
- Disarming WDEG mitigations and creating version independence for weaponization
- 64-Bit Windows Kernel Driver reverse engineering and vulnerability discovery
- Bypass of kernel mode security mitigations such as kASLR, NX, SMEP, SMAP, kCFG and HVCI
Students should be experienced in developing windows exploits and understand how to operate a debugger. Familiarity with WinDBG, x86_64 assembly, IDA Pro and basic C/C++ programming is highly recommended. A willingness to work and put in real effort will greatly help students succeed in this security training course.