images
SecurityBSides Trainings

Course Description

The Corelan "BOOTCAMP" by Peter Van Eeckhoutte is a truly unique opportunity to learn both basic & advanced techniques from an experienced exploit developer. During this 4-day course, students will be able to learn all ins and outs about writing reliable stack-based exploits for the Windows platform. The trainer will share his "notes from the field" and various tips & tricks to become more effective at writing exploits.

We believe it is important to start the course by explaining the basics of stack buffer overflows and exploit writing, but this is most certainly not "your average" entry-level course. In fact, this is a true bootcamp and one of the finest and most advanced courses you will find on Win32 stack-based exploit development.

This hardcore hands-on course will provide students with solid understanding of current stack-based exploitation techniques and memory protection bypass techniques. We make sure the course material is kept updated with current techniques, includes previously undocumented tricks and techniques, and details about research we performed ourselves. Combined with the way the course is built up, this will turn this class into a truly unique experience.

The current edition of the course is 100% based on Windows 11 / Windows 10 and contains an introduction to x64 stack-based exploitation.

Prerequisite

  • be able to read simple C++ code and simple scripts
  • be familiar with writing basic scripts using python/ruby/…
  • be ready to dive into a debugger and read asm for hours and hours and hours
  • be ready to think out of the box and have a strong desire to learn
  • be fluent with managing Windows / Linux operating system and with using VMware Workstation/VirtualBox
  • be familiar with using Metasploit (msfconsole, msfvenom, meterpreter)

Legal Prerequisite

  • Participants will be required to sign a confidentiality agreement at the start of the course. You will not be admitted to the course without signing this document. You can find a copy of the document here.

Course Info

  • Dates: Tuesday October 22 – Friday October 25, 2024.
  • Location: Rome.
  • Price: 3500 Euro (excl. VAT).
  • Payments: Advance bank transfer or credit card.
  • How to book: Send an e-mail to info@securitybsides.it.

Course Reference

  • Full Course content of course is available here.
  • Look on course testimonial page here.

Instructor Bio - Peter Van Eeckhoutte

Peter Van Eeckhoutte, widely recognized in the cybersecurity world, is the founder of Corelan Team, an organization notable for its contributions to security research and training. With extensive expertise in exploit development, Van Eeckhoutte is particularly renowned for his deep understanding of heap exploitation techniques. His work has significantly influenced the realm of cybersecurity, particularly in the field of penetration testing and vulnerability research.

Key Learning Objective

The x86 environment

The exploit development lab environment

Stack Buffer Overflows

Egg hunters in x86 and WoW64

Reliability++ & Reusability++ by avoiding bad characters and other limitations

Metasploit framework Exploit Modules

ASLR Bypass / DEP Bypass with ROP

Intro to x64 stack based exploitation

Bypassing Memory Protections

Real-world Application and Practice