Advanced Windows Exploitation Techniques

Offensive Security sold out | july 21-24


Ends February 1


Ends June 1


Ends July 20


July 21-24


The days of a simple EIP overwrite and a JMP ESP are long gone. Exploit developers need to take their skills to the next level in order to circumvent the most current exploit mitigations put in place on Windows operating systems. Offensive Security's Advanced Windows Exploitation Techniques will challenge you to think laterally and develop creative solutions in today's increasingly difficult exploitation environment.

Advanced Windows Exploitation provides an in-depth and hardcore drilldown into topics ranging from precision heap spraying to DEP and ASLR bypass techniques to real-world 64-bit kernel exploitation. This course is extremely hands-on and includes a lab environment, which is tailored to challenging and bringing the most out of you. The case studies covered include vulnerabilities discovered by our research team or exploits written by us including (amongst others) CVE's 2011-2005 and 2010-0705.

Topics Covered

Who Should Attend

This is NOT an entry level course, previous exploitation experience in Windows environments and basic use of a debugger is required. If you write basic Windows exploits, and need a serious boost, you're in the right place.

What to bring

You want to bring a *serious* laptop along. One able to run 3 vms with ease. Please do not bring netbooks.


Matteo Memelli: Since Matteo Memelli's first experiences in the security industry, he has been "hacked" by his passion for remote exploitation, vulnerability research and covert channels analysis. Matteo is an avid researcher and developer in the exploit field, his passion for security drove him to create this class. As the co-creator and lead trainer of Offensive Security's first Exploit Development specialty class, Matteo is bringing exploitation training to a whole new level.

James O'Gorman is a seasoned security professional who thrives on the challenge of intense pentesting. Jim has taught this class with Matteo and enjoyed bringing pain and suffering to past students. Jim manages Offensive Security's consulting services and is the co-author of the "Metasploit: The Penetration Tester's Guide".