top of page

SINCON 2024 — EXP-401 LIVE Training: Advanced Windows Exploitation (AWE) by OffSec

Mon, 27 May

|

Singapore

Modern exploits for Windows-based platforms require modern bypass methods to circumvent Microsoft’s defenses. In Advanced Windows Exploitation (EXP-401), OffSec challenges learners to develop creative solutions that work in today’s increasingly difficult exploitation environment.

Registration is closed
See other events
SINCON 2024 — EXP-401 LIVE Training: Advanced Windows Exploitation (AWE) by OffSec
SINCON 2024 — EXP-401 LIVE Training: Advanced Windows Exploitation (AWE) by OffSec

Time & Location

27 May 2024, 8:30 am – 31 May 2024, 6:00 pm

Singapore, 581 Orchard Rd, Singapore 238883

About the event

Modern exploits for Windows-based platforms require modern bypass methods to circumvent Microsoft’s defenses. In Advanced Windows Exploitation (EXP-401), OffSec challenges learners to develop creative solutions that work in today’s increasingly difficult exploitation environment.

The case studies in AWE are large, well-known applications that are widely deployed in enterprise networks. The course dives deep into topics ranging from security mitigation bypass techniques to complex heap manipulations and 64-bit kernel exploitation.

AWE is a particularly demanding penetration testing course. It requires a significant amount of learner-instructor interaction. Therefore, AWE courses are limited to in-person, hands-on environments.

This is the hardest course OffSec offer and it requires a significant time investment. Learners need to commit to reading case studies and reviewing the provided reading material each evening.

TRAINING PRICE

  • Super Early Bird: $11,000 USD (Sign up by 30 September 2023)
  • Early Bird: $12,000 USD (Sign up by 16 February 2024)
  • Standard: $14,400 USD (Sign up by 5 May 2024)
  • Late: $17,300 USD

BENEFITS

  • Develop expert-level Windows exploits
  • Becoming an OffSec Exploitation Expert (OSEE)
  • Complimentary OffSec Merchandise (View here)

PREREQUISITES

  • Learners should be experienced in developing windows exploits and understand how to operate a debugger. Familiarity with WinDBG, x86_64 assembly, IDA Pro and basic C/C++ programming is highly recommended. A willingness to work and put in real effort will greatly help students succeed in this security training course.

SYLLABUS

The course covers the following topics.

  • Bypass and evasion of user mode security mitigations such as DEP, ASLR, CFG, ACG and CET
  • Advanced heap manipulations to obtain code execution along with guest-to-host and sandbox escapes
  • Disarming WDEG mitigations and creating version independence for weaponization
  • 64-Bit Windows Kernel Driver reverse engineering and vulnerability discovery
  • Bypass of kernel mode security mitigations such as kASLR, NX, SMEP, SMAP, kCFG and HVCI

View the full syllabus.

WHAT COMPETENCIES WILL YOU GAIN?

  • Analyze vulnerable software, find problematic code, and develop a functioning exploit for various modern Windows operating systems.

COMPUTER LAB REQUIREMENTS

Bring a serious laptop for this course. It should be able to run three VMs with ease. Please do not bring netbooks or other low-resolution systems. The only supported host operating system is Windows 10.

  • VMware Workstation 15 or higher
  • 64-bit CPU with a minimum of 4 cores along with support for NX, SMEP, VT-d/IOMMU and VT-x/EPT
  • At least 160 GB HD free
  • At least 16 GB of RAM

EXAM:

A OSEE exam attempt valid for 1 year

AWE CVEs:

CVE-2017-4905

CVE-2017-5754

CVE-2019-0539

CVE-2019-0555

CVE-2018-0617

CVE-2019-0539

CVE-2019-0567

CVE-2021-1732

CVE-2021-31956

Tickets

  • Super Early Bird

    US$11,000.00
    Tax: +US$990.00 GST
    Sold Out
  • Early Bird

    US$12,000.00
    Tax: +US$1,080.00 GST
    Sale ended
  • Standard

    US$14,400.00
    Tax: +US$1,296.00 GST
    Sale ended

Total

US$0.00

Share this event

bottom of page