Got a question? Call 1800 853 276   |   
Cyber Security Category

EXP-301 - Window User Mode Exploit Development (OSED) - Self-paced

  • Length self-paced / 90 days access
  • Price $2420 inc GST
  • Inclusions EXP-301 course + 90-days lab access + OSED exam
Course overview
Book now

Why study this course

Learn the fundamentals of modern 32-bit exploit development with the new Windows User Mode Exploit Development (EXP-301) course from Offensive Security.  

EXP-301 is OffSec’s first major introduction into exploit development and reverse engineering techniques. It expands on many of the concepts covered in CTP, and prepares students to take on AWE and the OSEE. EXP-301 is an intermediate course that teaches the skills necessary to bypass DEP and ASLR security mitigations, create advanced custom ROP chains, reverse-engineer a network protocol and even create read and write primitives by exploiting format string specifiers. Students who complete the course and pass the exam earn the Offensive Security Exploit Developer (OSED) certification, demonstrating their ability to create custom exploits.  

Those who complete the course and pass the 48-hour exam earn the Offensive Security Exploit Developer (OSED) certification. The OSED is one of three certifications making up the new OSCE3 certification, along with the OSWE for web application security and the OSEP for penetration testing 

This self-paced course includes: 

  • 15+ hours of video 

  • 600+ page course guide 

  • Active student forums 

  • Access to virtual lab environment 

About the Exam: 

  • The EXP-301 course and online lab prepares you for the OSED certification 

  • 48-hour exam 

  • Proctored

Learn more about the exam 

Request Course Information

By submitting an enquiry, you agree to our privacy policy and receiving email and other forms of communication from us. You can opt-out at any time.


What you’ll learn

  • Learn the fundamentals of reverse engineering 

  • Create custom exploits 

  • Develop the skills to bypass security mitigations 

  • Write handmade Windows shellcode 

  • Adapt older techniques to more modern versions of Windows 


Offensive Security at DDLS

Security professionals from top organisations rely on Offensive Security to train and certify their personnel. DDLS is an Official Training Partner for Offensive Security.


Stay ahead of the technology curve

Don’t let your tech outpace the skills of your people

Quality instructors and content

Expert instructors with real world experience and the latest vendor- approved in-depth course content.

Partner-Preferred Supplier

Chosen and awarded by the world’s leading vendors as preferred training partner.

Ahead of the technology curve

No matter your chosen technologies or platforms, we can help you stay one step ahead.

Who is the course for?

Windows User Mode Exploit Development is an intermediate course designed for those who want to learn about exploit development skills.
Job roles like penetration testers, exploit developers, security researchers, Malware analysts, and software developers working on security products, could benefit from the course.


Course subjects

EXP-301 is an intermediate-level exploit development course that serves to build a solid foundation for students wanting to pursue AWE. View the full syllabus here

The course covers the following topics:

  • WinDbg tutorial 

  • Stack buffer overflows 

  • Exploiting SEH overflows 

  • Intro to IDA Pro 

  • Overcoming space restrictions: Egghunters 

  • Shellcode from scratch 

  • Reverse-engineering bugs 

  • Stack overflows and DEP/ASLR bypass 

  • Format string specifier attacks 

  • Custom ROP chains and ROP payload decoders 


Prerequisites

All students are required to have: 

  • Familiarity with debuggers (ImmunityDBG, OllyDBG) 

  • Familiarity with basic exploitation concepts on 32-bit 

  • Familiarity with writing Python 3 code 

  • Ability to read and understand C code at a basic level (optional but recommended) 

  • Ability to read and understand 32-bit Assembly code at a basic level (optional but recommended) 


THIRD PARTY REGISTRATION

DDLS offers training in cybersecurity through our partnership with Offensive Security. This arrangement requires DDLS to provide your details to Offensive Security for registration purposes.


Terms & Conditions

The supply of this course by DDLS is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.


Request Course Information

By submitting an enquiry, you agree to our privacy policy and receiving email and other forms of communication from us. You can opt-out at any time.