top of page

SINCON 2024
Specialised Training Courses

Advanced Exploit Development for Windows

25-28 Mar 2024

A fast-paced, mind-bending, hands-on course where you will learn advanced heap manipulation and exploit development techniques from an experienced exploit developer. During this 4-day class, students will get the opportunity to learn how to write heap exploits for the Windows platform, using Windows 7, Windows 10 and Windows 11 as the example platform, but mostly focusing on learning & applying generic techniques that can be applied to other operating systems and heap implementations. We will discuss the differences between Windows 7 and Windows 10/Windows 11 and explore previously undocumented techniques to achieve important exploitation primitives in Windows 10 and Windows 11.  The trainer will share his “notes from the field” and various tips & tricks to become more effective at writing exploits.

EXP-401

EXP-401 LIVE Training: Advanced Windows Exploitation (AWE)

Modern exploits for Windows-based platforms require modern bypass methods to circumvent Microsoft’s defenses. In Advanced Windows Exploitation (EXP-401), OffSec challenges learners to develop creative solutions that work in today’s increasingly difficult exploitation environment.

27-31 May 2024

PEN-300

PEN-300 LIVE Training: Advanced Evasion Techniques & Breaching Defenses

27-31 May 2024

Evasion Techniques and Breaching Defenses (PEN-300) is an advanced penetration testing course.

WEB-300

WEB-300 LIVE Training: Advanced Web Attacks & Exploitation

27-31 May 2024

Advanced Web Attacks and exploitation (WEB-300) is an advanced web application security course that teaches the skills needed to conduct white box web app penetration tests.

PEN-200

PEN-200 LIVE Training: Penetration Testing with Kali Linux

27-31 May 2024

The industry-leading Penetration Testing with Kali Linux (PWK/PEN-200) course introduces penetration testing methodologies, tools, and techniques in a hands-on environment.

WEB-200

WEB-200 LIVE Training: Foundational Web Application Assessments with Kali Linux

Learn the foundations of web application assessments with Foundational Web Application Assessments with Kali Linux (WEB-200).

27-31 May 2024

SOC-200

SOC-200 LIVE Training: Foundational Security Operations & Defensive Analysis

27-31 May 2024

Learn the foundations of cybersecurity defense with Foundational Security Operations and Defensive Analysis (SOC-200), a course designed for job roles such as Security Operations Center (SOC) Analysts and Threat Hunters.

TRAININGS: List

SINCON Reloaded
Specialised Training Courses

Exploit Development Bootcamp for Windows 10 & 11

14-17 Feb 2023

This is a truly unique opportunity to learn both basic and advanced techniques from an experienced exploit developer. During this 4-day course, students will be able to learn all ins and outs of writing reliable stack-based exploits for the Windows platform. The trainer will share his “notes from the field” and various tips and tricks to become more effective at writing exploits.

Exploit Development Advanced for Windows 7, 10 & 11

20-23 Feb 2023

A fast-paced, mind-bending, hands-on course where you will learn advanced heap exploit development techniques from an experienced exploit developer. During this 4-day class, students will get the opportunity to learn how to write heap exploits for the Windows platform, using Windows 7, Windows 10 and Windows 11 as the example platform, but mainly focusing on learning and applying generic techniques that can be applied to other operating systems and heap implementations. We will discuss the differences between Windows 7 and Windows 10/Windows 11 and explore previously undocumented techniques to achieve important exploitation primitives in Windows 10 and Windows 11. The trainer will share his “notes from the field” and various tips & tricks to become more effective at writing exploits.

Full-Stack Pentesting Laboratory:
100% Hands-On + Lifetime LAB Access

24-27 July 2023

Modern IT systems are complex, and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.


For each attack, vulnerability and technique presented in this training, there is a lab exercise to help you master full-stack pentesting step by step. What’s more, when the training is over, you can take the complete lab environment home to hack again at your own pace.


I found security bugs in many companies, including Google, Yahoo, Mozilla, and Twitter. In this training, I’ll share my experience with you. The content of this training has been carefully selected to cover the topics most frequently requested by professional penetration testers. 

TRAININGS: List

SINCON 2021
Specialised Training Courses

Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation
(Live Online Training)

19-20 Oct 2021

TRAININGS: List

SINCON 2020
Specialised Training Courses

Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation

27-28 Oct 2020

TRAININGS: List

Infosec In the City, Singapore 2019
Specialised Training Courses

Win32 Exploit Development Bootcamp

4-6 Mar 2019

Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation

11-12 Apr 2019

Linux-Kernel Research for Kernel-Newcomers: Building, Debugging, Fuzzing & Forensics Tools

17-18 Jun 2019

Attack & Securing APIs

17-18 Jun 2019

Building Secure Systems with Threat Modelling

17-18 Jun 2019

ARM (AARCH64) Exploitation

24-27 Jun 2019

TRAININGS: List

Infosec In the City, Singapore 2018
Specialised Training Courses

Advanced Win32 Exploit Development

4-6 Apr 2018

Pentesting the Modern Application Stack

21-22 May 2018

ICS/SCADA Security

21-23 May 2018

Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation

22-23 May 2018

Applied Physical Attacks on Embedded Systems

22-23 May 2018

TRAININGS: List
bottom of page