OffSec’s Windows User-Mode Exploit Development (EXP-301) course provides a comprehensive understanding of modern exploit development techniques. Learners gain hands-on experience crafting custom exploits and bypassing security defenses in a self-paced environment designed to elevate their skills in ethical hacking and vulnerability discovery.
Topics covered in the EXP-301 course
WinDbg Tutorial
Master the powerful WinDbg debugger to effectively analyze crashes, investigate memory dumps, and identify vulnerabilities in Windows applications.
Stack Buffer Overflows
Understand the mechanics of stack buffer overflows and learn how to exploit them to gain control of vulnerable programs.
Exploiting SEH Overflows
Delve into Structured Exception Handler (SEH) overflows, a specific type of buffer overflow, and master techniques to leverage them for code execution.
Intro to IDA Pro
Familiarize yourself with IDA Pro, a leading disassembler and debugger, essential for reverse engineering software binaries and uncovering vulnerabilities.
Overcoming Space Restrictions
Egghunters: Learn how to bypass space limitations in your exploit payloads by utilizing egghunter techniques to locate and execute shellcode.
Shellcode From Scratch
Develop the skills to write your own custom shellcode, enabling you to perform specific actions on compromised systems.
Reverse-Engineering Bugs
Learn how to systematically analyze software binaries to identify and understand vulnerabilities that can be exploited.
Stack Overflows and DEP/ASLR Bypass
Master advanced techniques for exploiting stack overflows while bypassing modern security mitigations such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR).
Format String Specifier Attacks
Understand and exploit format string vulnerabilities, which can be leveraged to read or write arbitrary memory locations.
Custom ROP Chains and ROP Payload Decoders
Learn how to construct custom Return-Oriented Programming (ROP) chains to bypass security defenses and build ROP payload decoders for stealthy exploitation.
The EXP-301 course is ideal for individuals with a solid foundation in penetration testing and programming who are seeking to master exploit development techniques, ultimately earning the OSED certification.
Benefits of the EXP-301 Course
Advanced Techniques
Go beyond basic exploits and gain specialized skills in crafting custom payloads to bypass security defenses and exploit complex vulnerabilities.
Hands-on Experience
Learn from experienced professionals through realistic lab environments and exercises, exploring the complexities of exploiting vulnerabilities in real-world applications.
Reverse Engineering
Learn to dissect and analyze Windows binary code, uncover vulnerabilities, and craft precise exploits to target specific weaknesses, demonstrating your proficiency in a critical area of exploit development.
Bypassing Security
Learn how to bypass security measures like DEP, ASLR, and CFG that are specifically designed to protect Windows systems, ensuring your exploits remain effective against hardened targets and showcasing your ability to overcome complex challenges.
Certificate
The course ends with an exam, the successful completion of which results in awarding the OffSec Exploit Developer (OSED) certificate.
Exam
- EXP-301 course and online labs will prepare you for OSED certification - The exam lasts 47 hours 45 minutes - The exam is supervised
While there are no formal prerequisites, a strong understanding of C programming, assembly language, operating system internals (Windows), and debugging tools (such as WinDbg and Immunity Debugger) is highly recommended.
All prices are given in USD (US dollars) net. We also allow payment in PLN (zloty) - in this case the final amount to be paid will be converted at the current NBP exchange rate on the day of the decision to purchase the product. 23% VAT should be added to the prices.
If the training and course are financed from public funds (applies to public sector entities), please contact us to agree on the price.
Note: A separate subscription is required for each course participant. Sharing a subscription between different individuals/companies is a violation of the Offensive Security course policy and may result in immediate termination of the course agreement.
Course + Cert Exam
1 749$
EXP-301 course + 90 days of lab access + 1 attempt at the OSED exam.
Learn One
2 749$
EXP-301 Course (2 exam attempts) + Level 100 Courses + 365 days of lab access + PEN-103 Kali Linux Certified Professional (KLCP) Course (1 exam attempt) + PEN-210 Course (1 exam attempt) + Providing Grounds Practice Labs.
Learn Unlimited
6 099$
All courses (unlimited exam attempts) + 365 days of access to labs + Providing Grounds Practice Labs.
Exam
249$
Retake the OSED exam.
Access
359$
Extension of access to the laboratory by another 30 days.
Order course or subscription
Are you interested in purchasing a course or subscription?
Do you have any questions?
Write to us through the contact form.
Do you want to maintain confidentiality?
Download our PGP/GPG key under the icon below and send an encrypted message to [email protected].
Cybersecurity and data protection. Penetration, social engineering and performance tests. Security audits and trainings. Authorized OffSec partner in Poland.
EN 
PL