Windows User Mode Exploit Development (EXP-301) is an intermediate-level course which teaches students the fundamentals of modern exploit development. It starts with basic buffer overflow attacks and builds into learning the skills needed to crack the critical security mitigations protecting enterprises.
Students who loved buffer overflows in Penetration Testing with Kali Linux (PEN-200) will find that EXP-301 takes those skills to the next level. This course is one of the replacements for Cracking the Perimeter (CTP), which we retired on October 15, 2020.
Those who complete the course and pass the 48-hour exam earn the Offensive Security Exploit Developer (OSED) certification. The OSED is one of three certifications making up the new OSCE3 certification, along with the OSWE for web application security and the OSEP for penetration testing.
Payment as low as $65.76 a month. Only available to US students. Learn More.
"I've almost lost my own sanity at this until I popped that shell which barely passed the exam. It was so tough that you have to combine everything that has been taught on the course..."
Ronald Ocubillo | OSCP, OSCE , CRTO
"Finally OSED! After 36 hours of no sleep I finally succeed. This is, by far, the most challenging (and fun) exam of Offensive Security I have done so far, but It was worth the time; the content is extremely well structured :)"
Jorge Giménez Duro | Ethical Hacker at Security Research Labs
"This was the hardest exam I've taken so far. It was truly a beast of a challenge but it demonstrated all the hallmarks of the OffSec "Try Harder" rigour. On to the next!"
Eugene Lim | Cybersecurity Specialist
COURSE OVERVIEW AND SYLLABUS
EXP-301 is an intermediate-level exploit development course that serves to build a solid foundation for students wanting to pursue AWE. Topics covered include:
- WinDbg tutorial
- Stack buffer overflows
- Exploiting SEH overflows
- Intro to IDA Pro
- Overcoming space restrictions: Egghunters
- Shellcode from scratch
- Reverse-engineering bugs
- Stack overflows and DEP/ASLR bypass
- Format string specifier attacks
- Custom ROP chains and ROP payload decoders
WHAT COMPETENCIES WILL YOU GAIN?
- Using WinDbg
- Writing your own shellcode
- Bypassing basic security mitigations, including DEP and ASLR
- Exploiting format string specifiers
- The necessary foundations for finding bugs in binary applications to create custom exploits
SUPPORTING YOUR ONLINE JOURNEY
- 15+ hours of video
- 600+ page course guide
- Active student forums
- Access to virtual lab environment
- Closed Captioning is available for this course
All prices in US dollars. Register for Learn One or contact our training consultants if you're purchasing Learn Unlimited. Discounts may be available for Learn One subscription.
|EXP-301 course + 90-days lab access + OSED exam certification fee||$1499|
EXP-301 ( 2 exam attempts) + PEN-210 (and 1 exam attempt) + 365-days lab access + all 100-level content + KLCP (and 1 exam attempt) + PG Practice
All courses + 365-days lab access + all 100-level content + KLCP + unlimited exam attempts + PG Practice
|Note: One subscription is needed per student. Sharing a subscription with more than one student is a violation of OffSec's academic policy and can lead to being banned.|
|OSED certification exam retake fee||$249|
|EXP-301 lab access – extension of 30 days||$359|