Offensive Security Launches New Course and Certification for Exploit Development and Reverse Engineering

New Windows User Mode Exploit Development (EXP-301) Training Course Teaches Exploit Development and Reverse Engineering Techniques

January 28, 2021

3 Min Read


NEW YORK – January 27, 2021 – Offensive Security, the leading provider of hands-on cybersecurity training and certifications, today announced the launch of Windows User Mode Exploit Development (EXP-301), a new course focused on exploit development and reverse engineering techniques. EXP-301 teaches the fundamentals of exploit development, and emphasizes the techniques that security researchers must learn to understand and attack standard Windows protections.

“Security today requires constantly staying one step ahead of attackers, and this necessitates a creative, curious, adversarial mindset,” said Ning Wang, CEO, Offensive Security. “Defenders must not only understand all the defense techniques that enterprises employ, but also be able to take the next step and infer from there how attackers work to bypass these defenses. At OffSec we are committed to continually updating our training offerings with new courses like EXP-301 to keep our students thinking adversarially.”

The EXP-301 course gives students a firm command of the techniques needed to bypass popular Windows defenses such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR). The course also emphasizes techniques for reverse engineering binary applications and identifying security weaknesses. Students who complete the new course are eligible to sit for their EXP-301 exam and earn the new Offensive Security Exploit Development (OSED) certification, demonstrating their ability to create custom exploits.

Obtaining the OSED certification puts students on the path to acquiring the new Offensive Security Certified Expert - Three (OSCE3) designation. By passing the relevant exams for EXP-301, PEN-300, and WEB-300 (AWAE) a student is automatically granted their OSCE3, demonstrating expertise in Offensive Security's three primary learning paths: Penetration Testing, Web Application Attacks, and Exploit Development. 

A pure exploit development and reverse engineering course geared for the intermediate level that expands on concepts covered in the recently retired Cracking the Perimeter (CTP) course, EXP-301 emphasizes important offensive security techniques and begins to prepare students for the notorious Advanced Windows Exploitation (AWE) course and the Offensive Security Exploitation Expert (OSEE) certification. EXP-301 teaches the skills necessary to bypass DEP and ASLR security mitigations, create advanced custom Return-Oriented Programming (ROP) chains, reverse-engineer a network protocol and even create read and write primitives by exploiting format string specifiers.

For more information on EXP-301 visit or follow Offensive Security on Twitter @offsectraining and LinkedIn.

About Offensive Security

Offensive Security is the leading provider of online penetration testing training and certification for information security professionals. Created by the community for the community, Offensive Security’s one-of-a-kind mix of practical, hands-on training and certification programs, virtual labs and open source projects provide practitioners with the highly-desired offensive skills required to advance their careers and better protect their organizations. Offensive Security is committed to funding and growing Kali Linux, the leading operating system for penetration testing, ethical hacking and network security assessments. For more information, visit and follow @offsectraining and @kalilinux.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights