SINCON 2024 — EXP-401 LIVE Training: Advanced Windows Exploitation (AWE) by OffSec
Mon, 27 May
|Singapore
Modern exploits for Windows-based platforms require modern bypass methods to circumvent Microsoft’s defenses. In Advanced Windows Exploitation (EXP-401), OffSec challenges learners to develop creative solutions that work in today’s increasingly difficult exploitation environment.
Time & Location
27 May 2024, 8:30 am – 31 May 2024, 6:00 pm
Singapore, 581 Orchard Rd, Singapore 238883
About the event
Modern exploits for Windows-based platforms require modern bypass methods to circumvent Microsoft’s defenses. In Advanced Windows Exploitation (EXP-401), OffSec challenges learners to develop creative solutions that work in today’s increasingly difficult exploitation environment.
The case studies in AWE are large, well-known applications that are widely deployed in enterprise networks. The course dives deep into topics ranging from security mitigation bypass techniques to complex heap manipulations and 64-bit kernel exploitation.
AWE is a particularly demanding penetration testing course. It requires a significant amount of learner-instructor interaction. Therefore, AWE courses are limited to in-person, hands-on environments.
This is the hardest course OffSec offer and it requires a significant time investment. Learners need to commit to reading case studies and reviewing the provided reading material each evening.
TRAINING PRICE
- Super Early Bird: $11,000 USD (Sign up by 30 September 2023)
- Early Bird: $12,000 USD (Sign up by 16 February 2024)
- Standard: $14,400 USD (Sign up by 5 May 2024)
- Late: $17,300 USD
BENEFITS
- Develop expert-level Windows exploits
- Becoming an OffSec Exploitation Expert (OSEE)
- Complimentary OffSec Merchandise (View here)
PREREQUISITES
- Learners should be experienced in developing windows exploits and understand how to operate a debugger. Familiarity with WinDBG, x86_64 assembly, IDA Pro and basic C/C++ programming is highly recommended. A willingness to work and put in real effort will greatly help students succeed in this security training course.
SYLLABUS
The course covers the following topics.
- Bypass and evasion of user mode security mitigations such as DEP, ASLR, CFG, ACG and CET
- Advanced heap manipulations to obtain code execution along with guest-to-host and sandbox escapes
- Disarming WDEG mitigations and creating version independence for weaponization
- 64-Bit Windows Kernel Driver reverse engineering and vulnerability discovery
- Bypass of kernel mode security mitigations such as kASLR, NX, SMEP, SMAP, kCFG and HVCI
WHAT COMPETENCIES WILL YOU GAIN?
- Analyze vulnerable software, find problematic code, and develop a functioning exploit for various modern Windows operating systems.
COMPUTER LAB REQUIREMENTS
Bring a serious laptop for this course. It should be able to run three VMs with ease. Please do not bring netbooks or other low-resolution systems. The only supported host operating system is Windows 10.
- VMware Workstation 15 or higher
- 64-bit CPU with a minimum of 4 cores along with support for NX, SMEP, VT-d/IOMMU and VT-x/EPT
- At least 160 GB HD free
- At least 16 GB of RAM
EXAM:
A OSEE exam attempt valid for 1 year
AWE CVEs:
CVE-2017-4905
CVE-2017-5754
CVE-2019-0539
CVE-2019-0555
CVE-2018-0617
CVE-2019-0539
CVE-2019-0567
CVE-2021-1732
CVE-2021-31956
Tickets
Super Early Bird
US$11,000.00Tax: +US$990.00 GSTSold OutEarly Bird
US$12,000.00Tax: +US$1,080.00 GSTSale endedStandard
US$14,400.00Tax: +US$1,296.00 GSTSale ended
Total
US$0.00