SINCON 2024 — EXP-401 LIVE Training: Advanced Windows Exploitation (AWE) by OffSec

Modern exploits for Windows-based platforms require modern bypass methods to circumvent Microsoft’s defenses. In Advanced Windows Exploitation (EXP-401), OffSec challenges learners to develop creative solutions that work in today’s increasingly difficult exploitation environment.

The case studies in AWE are large, well-known applications that are widely deployed in enterprise networks. The course dives deep into topics ranging from security mitigation bypass techniques to complex heap manipulations and 64-bit kernel exploitation.

AWE is a particularly demanding penetration testing course. It requires a significant amount of learner-instructor interaction. Therefore, AWE courses are limited to in-person, hands-on environments.

This is the hardest course OffSec offer and it requires a significant time investment. Learners need to commit to reading case studies and reviewing the provided reading material each evening.

TRAINING PRICE

• Super Early Bird: $11,000 USD (Sign up by 30 September 2023)
• Early Bird: $12,000 USD (Sign up by 16 February 2024)
• Standard: $14,400 USD (Sign up by 5 May 2024)
• Late: $17,300 USD

BENEFITS

• Develop expert-level Windows exploits
• Becoming an OffSec Exploitation Expert (OSEE)
• Complimentary OffSec Merchandise (View here)

PREREQUISITES

• Learners should be experienced in developing windows exploits and understand how to operate a debugger. Familiarity with WinDBG, x86_64 assembly, IDA Pro and basic C/C++ programming is highly recommended. A willingness to work and put in real effort will greatly help students succeed in this security training course.

SYLLABUS

The course covers the following topics.

• Bypass and evasion of user mode security mitigations such as DEP, ASLR, CFG, ACG and CET
• Advanced heap manipulations to obtain code execution along with guest-to-host and sandbox escapes
• Disarming WDEG mitigations and creating version independence for weaponization
• 64-Bit Windows Kernel Driver reverse engineering and vulnerability discovery
• Bypass of kernel mode security mitigations such as kASLR, NX, SMEP, SMAP, kCFG and HVCI

View the full syllabus.

WHAT COMPETENCIES WILL YOU GAIN?

• Analyze vulnerable software, find problematic code, and develop a functioning exploit for various modern Windows operating systems.

COMPUTER LAB REQUIREMENTS

Bring a serious laptop for this course. It should be able to run three VMs with ease. Please do not bring netbooks or other low-resolution systems. The only supported host operating system is Windows 10.

• VMware Workstation 15 or higher
• 64-bit CPU with a minimum of 4 cores along with support for NX, SMEP, VT-d/IOMMU and VT-x/EPT
• At least 160 GB HD free
• At least 16 GB of RAM

EXAM:

A OSEE exam attempt valid for 1 year

AWE CVEs:

CVE-2017-4905

CVE-2017-5754

CVE-2019-0539

CVE-2019-0555

CVE-2018-0617

CVE-2019-0539

CVE-2019-0567

CVE-2021-1732

CVE-2021-31956