More dates

Corelan: Stack based exploit development / Heap exploitation masterclass

Share
PwC Australia
barangaroo, australia
Add to calendar

Tue, 4 Feb, 9am - 13 Feb, 6pm 2025 AEDT

Event description

Taught by Corelan Training, in partnership with Volkis, we bring you 2 of the most sought after exploit development courses around! Check out the testimonials: https://www.corelan-training.com/index.php/testimonials/

Expert-level STACK

Our expert-level STACK based exploit development course is the perfect introduction into the fine art of exploit development for x86 Windows. It’s a real, hands-on, intense, instructor led course, offering a mix between fundamentals of exploit development and more advanced topics such as ASLR bypass and ROP.

More details: https://www.corelan-training.com/index.php/training/stack/


HEAP Masterclass

The HEAP Masterclass takes off where other courses end. After a quick refresher on ASLR & DEP, the course dives deep into the fascinating world of heap exploitation (UseAfterFree, Heap Overflows, Controlled Read/Write, Type Confusion, Double Free, Uninitialized memory, etc) and the fine art of memory leaks. We cover what others don’t. Our unique approach prepares you for future Windows versions as well.

More details: https://www.corelan-training.com/index.php/training/heap/ 


When

Expert-level STACK based exploitation class: 4th February 2025 - 7th February 2025 (4 days)
HEAP Exploitation Masterclass: 10th February 2025 - 13th February 2025 (4 days)

9am till 5pm each day - Please arrive at least 15 minutes prior.

Where

PwC Australia (Sydney)
One International Towers
Watermans Quay
Barangaroo NSW 2000
Australia

Student Requirements

Technical Prerequisites
Students will receive an email with detailed instructions (on how to set up lab Virtual Machines) about 2 weeks before the start of the class.

Skills
Stack:

    • be able to read simple C++ code and simple scripts
    • be familiar with writing basic scripts using python/ruby/…
    • some basic experience with asm is useful, but not a must
    • be fluent with managing Windows / Linux operating system and with using the virtualization software on your laptop
    • be familiar with using Metasploit (msfconsole, msfvenom, meterpreter)

    Heap:

    • be able to read and write simple C/C++ code and simple scripts (python, javascript)
    • truly master all basic concepts of exploit development, as listed in our "Stack" course.  If you have taken the Bootcamp/Stack course and done a lot of practice after taking the class, then you’re probably ready for this class. 
    • be familiar with ROP (i.e. understand how it works on Windows, know how to build a ROP chain, know how to use mona.py to generate a chain and how to fix the chain if it doesn’t work)
    • be familiar with using debuggers (we’ll use WinDBG for most part of the course, but we’ll spend some time explaining the basics of using WinDBG.  It is assumed that you have practical experience with Immunity Debugger and mona.py)
    • be fluent with managing Windows / Linux operating system and with using the virtualization software on your laptop
    • be familiar with using Metasploit to generate shellcode (msfvenom, msfconsole) and managing meterpreter sessions
    • have basic practical knowledge of x86 assembly

    Legal Prerequisites
    It will be required to sign a confidentiality agreement at the start of the course. You will not be admitted to the course without signing this document. You can find a copy of the document here.

    What to bring

    A laptop, capable of running 2 VMs simultaneously, and some virtual machines.  Instructions on how to set up the VMs will be provided shortly before class begins.

    You do not need to bring food; that will be provided for you.

    Pricing & Ticket info

    Early bird (ends 31st August) Regular
    Expert-level STACK $4400 $4950
    HEAP Masterclass $5500 $6050
    Both STACK and HEAP combo $8250 $9350

    * All prices include GST

    A ticket is only valid once payment has been fully executed. Early bird tickets must be paid in full before the end of August.

    Breakdown of fees

    While we try to keep the ticket costs down as much as possible, some fees from the platforms and government taxes do apply:

    • Humanitix fee: 1.3% + $0.50 (applies to all ticket)
    • Stripe fee: 1.7% + $0.30 (applies only when paying through Stripe)
    • GST: 10% (applies to all tickets)

    Refund Policy

    Generally, no refunds will be provided. However, a change of name for your ticket can be provided.

    In the event the class gets postponed, your tickets will remain valid even if the cost of the class increases.

    Powered by

    Tickets for good, not greed Humanitix dedicates 100% of profits from booking fees to charity