Advanced Software Exploitation Course

Learn how to discover and exploit 0day vulnerabilities!

Formerly known as the Advanced Vulnerability Discovery and Exploit Development course, the Ptrace Security’s Advanced Software Exploitation course offers security professionals an opportunity to test and develop their skills like never before. During this class, attendees will be provided with the latest techniques and tools to discover vulnerabilities and use them to develop reliable exploits for a wide range of software including complex Windows applications, interpreted languages, Web browsers, and critical Microsoft services.

In the first half of the course, attendees will use reverse engineering, source code auditing, and fuzz testing to attack a wide variety of applications (many of which are critical for a successful penetration test) and then use the latest exploitation techniques available today to develop a reliable exploit for Windows 7, Windows 8.1 and Windows 10.

In the second half of the course, the focus will shift from classic to advanced exploitation techniques. Attendees will learn how to escape from the Java sandbox, how to circumvent ASLR without pointer leaks, how to use precise heap spraying and how to bypass the Enhanced Mitigation Experience Toolkit (EMET).

By the end of this course, attendees will have a clear idea of how to find and exploit Zero-day (0day) vulnerabilities on modern Windows machines.

Course Highlights

  • Zero-day (0day) vulnerability discovery.

  • Cutting-edge network protocol and file format fuzzing.

  • Binary analysis techniques and vulnerable patterns identification.

  • Advanced usage of the Grinder Framework, PIN, PyKd, and IDA Python.

  • In-depth study of modern Windows mitigation bypasses.

  • State of the art techniques for exploit development.