The Offensive Security Exploitation Expert (OSEE) is the companion certification to the extremely demanding Advanced Windows Exploitation (AWE) course. The OSEE certification thoroughly assesses not only the students understanding of the course content, but also their ability to think laterally and adapt to new challenges.
The OSEE exam labs are configured with a limited number of target systems with software containing specific unknown vulnerabilities for which the student must develop exploits. In this extremely challenging exam, the student is provided with 72 hours in order to develop their exploits and fully document the steps taken.
by the time we got to kernel pointer overwrites my head was throbbing… we then started porting the exploit to 64 bit[...] – anonymous
Real World Exams
The OSEE examination consists of a select number of systems containing various unknown vulnerabilities. The successful candidate will demonstrate their ability to research and develop exploits for the given target systems through reverse engineering, assembly and disassembly, drawing on their exploit experience while thinking laterally. The examinee is expected to submit a comprehensive report, containing in-depth notes and screen shots detailing their methods of exploiting each of the assigned targets.
Real World Benefits
An OSEE is able to face a system with unknown vulnerable software, reverse engineer it to locate the problematic code, and think creatively in order to develop a functioning exploit under various Windows operating systems, up to and including Windows 7 and Server 2008.
OSEE Holders Can
- Develop sophisticated exploits.
- Create custom shellcode.
- Evade DEP and ASLR protections.
- Exploit Windows kernel drivers.
- Perform precision heap sprays.
In order to enroll for the OSEE certification exam, you must first complete the Advanced Windows Exploitation course.