Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

04:45 PM
Dark Reading
Dark Reading
Products and Releases

Offensive Security Launches New Course and Certification for Exploit Development and Reverse Engineering

New Windows User Mode Exploit Development (EXP-301) Training Course Teaches Exploit Development and Reverse Engineering Techniques

NEW YORK – January 27, 2021 – Offensive Security, the leading provider of hands-on cybersecurity training and certifications, today announced the launch of Windows User Mode Exploit Development (EXP-301), a new course focused on exploit development and reverse engineering techniques. EXP-301 teaches the fundamentals of exploit development, and emphasizes the techniques that security researchers must learn to understand and attack standard Windows protections.

“Security today requires constantly staying one step ahead of attackers, and this necessitates a creative, curious, adversarial mindset,” said Ning Wang, CEO, Offensive Security. “Defenders must not only understand all the defense techniques that enterprises employ, but also be able to take the next step and infer from there how attackers work to bypass these defenses. At OffSec we are committed to continually updating our training offerings with new courses like EXP-301 to keep our students thinking adversarially.”

The EXP-301 course gives students a firm command of the techniques needed to bypass popular Windows defenses such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR). The course also emphasizes techniques for reverse engineering binary applications and identifying security weaknesses. Students who complete the new course are eligible to sit for their EXP-301 exam and earn the new Offensive Security Exploit Development (OSED) certification, demonstrating their ability to create custom exploits.

Obtaining the OSED certification puts students on the path to acquiring the new Offensive Security Certified Expert - Three (OSCE3) designation. By passing the relevant exams for EXP-301, PEN-300, and WEB-300 (AWAE) a student is automatically granted their OSCE3, demonstrating expertise in Offensive Security's three primary learning paths: Penetration Testing, Web Application Attacks, and Exploit Development. 

A pure exploit development and reverse engineering course geared for the intermediate level that expands on concepts covered in the recently retired Cracking the Perimeter (CTP) course, EXP-301 emphasizes important offensive security techniques and begins to prepare students for the notorious Advanced Windows Exploitation (AWE) course and the Offensive Security Exploitation Expert (OSEE) certification. EXP-301 teaches the skills necessary to bypass DEP and ASLR security mitigations, create advanced custom Return-Oriented Programming (ROP) chains, reverse-engineer a network protocol and even create read and write primitives by exploiting format string specifiers.

For more information on EXP-301 visit www.offensive-security.com or follow Offensive Security on Twitter @offsectraining and LinkedIn.

About Offensive Security

Offensive Security is the leading provider of online penetration testing training and certification for information security professionals. Created by the community for the community, Offensive Security’s one-of-a-kind mix of practical, hands-on training and certification programs, virtual labs and open source projects provide practitioners with the highly-desired offensive skills required to advance their careers and better protect their organizations. Offensive Security is committed to funding and growing Kali Linux, the leading operating system for penetration testing, ethical hacking and network security assessments. For more information, visit www.offensive-security.com/ and follow @offsectraining and @kalilinux.


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-02-25
A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions.
PUBLISHED: 2021-02-25
scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.
PUBLISHED: 2021-02-25
Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter.
PUBLISHED: 2021-02-25
An issue was discovered in the comrak crate before 0.9.1 for Rust. XSS can occur because the protection mechanism for data: and javascript: URIs is case-sensitive, allowing (for example) Data: to be used in an attack.
PUBLISHED: 2021-02-24
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.