Why does Windows Exploit Development training matter?

According to StatCounter (https://gs.statcounter.com/os-market-share/desktop/worldwide), the vast majority (>75%) of the global Desktop market runs on a Microsoft (Windows) Operating System. Because of its widespread popularity, the discovery (and active exploitation) of a security vulnerability in the Windows Operating System or major software applications may put a significant part of society at risk. Fortunately, this type of event has become somewhat “rare”, and when it happens, it makes it to the news (https://www.forbes.com/sites/daveywinder/2020/03/23/critical-windows-10-warning-microsoft-confirms-ongoing-attacks-says-no-fix-available/amp/),

In any case, every time a major flaw hits the surface, it forces IT teams, system administrators, security teams, etc across the world to scramble, to come up with workarounds, protection mechanisms and patches (if and when available).
Due to the COVID19 outbreak, a large number of people are subject to some kind of forced isolation, lockdown, quarantine, working remotely… some of them are possibly disconnected from corporate networks, detached from the regular management tools that are being used to deploy security updates and to keep the devices safe. These exceptional measures present unique challenges associated with the organization and execution of required mechanisms to protect the systems, employees, citizens against attacks from malicious cybercriminals.

As a CyberSecurity professional, the ability to understand/edit/write exploits for the Windows platform is undeniably an important skill to have under your belt.
It allows you to help determine patch priorities, to test and improve protection mechanisms by simulating attacks, to use vulnerability scanning tools (knowing what they do and how safe they are to use), to fix and update existing tools in case they don’t work out of the box, and perhaps to find your own vulnerabilities and determine how easy it would be to develop a weaponized exploit.

The Corelan Bootcamp is the perfect way to get started into exploit development for Windows 10, setting you up with all the foundations and essential skills on stack-based exploitation, as well as covering all ins-and-outs on bypassing DEP using ROP chains.
Our Advanced class will improve your ability to find and exploit heap related corruption in modern Windows software and takes your skills to the next level. We’ll teach you how to do your own research and what to look for when investigating heap managers, as well as how to use the various types of heap corruption to create information leaks.

You can find a side-by-side comparison of our 2 classes here.

The impact of COVID-19 to Corelan classes

Because of the COVID-19 outbreaks, we’re forced to cease operations and reshuffle our schedules.
All classes originally scheduled to take place in March/April/May 2020 have either been canceled or are being postponed until the second half of 2020.

In any case, we hope everyone stays safe and healthy (and stays at home :)), while we patiently wait until the pandemic settles down.

Meanwhile, we would like to suggest planning ahead and booking your seat in one of our classes before we run out of available spots.
Some classes have been canceled and most students have rescheduled/moved from one class to another. This also means that the number of training opportunities & available seats are limited We expect that our classes will continue to fill up. Don’t wait until it’s too late.

Getting trained is an investment in your future.

For more info on our schedules, please monitor our schedules page: https://www.corelan-training.com/index.php/training-schedules

In a nutshell:

• June 2020: Hack In Paris: Advanced
• June 2020: BruCON “Spring”: Bootcamp
• August 2020: Singapore: Bootcamp & Advanced (in collaboration with Infosec In The City)
• September 2020: Columbia, MD (USA): Bootcamp & Advanced (in collaboration with Center for Cyber Security Training)
• September 2020: BruCON Gent (Belgium): Advanced
• October 2020: Dubai: Bootcamp (in collaboration with Hackers Academy)
• November 2020: Sydney (Australia): (to be confirmed) (in collaboration with  PwC Australia & Beyond Binary Pty)
• December 2022: Zurich (Switzerland): Bootcamp (in collaboration with SIGS)

Why Corelan? Why in-person classes only?

We’re confident that our decision to only teach in-person classes has unique benefits. All of our classes are very hands-on and highly interactive. This approach generates a high-quality learning environment, designed to make sure our students leave the class with a solid understanding of the concepts, mechanics, and techniques (and why certain a technique works), ready to perform their own research.

We’re not just trying to sell as many seats as possible. We really love teaching; we love the direct interaction with our students. It is what drives us, which gives us energy on a daily basis. On top of that, our teaching methodology is directly based on a high volume of interaction, on the use of custom / context-specific drawings & dynamic visualizations to demonstrate concepts and techniques. Our classes are not a simple lecture from a textbook, but a dynamic journey into the deepest corners of the Windows operating system and modern exploitation techniques.

We prefer to ensure the level of quality the Corelan brand so proudly represents and stands for.

We’re convinced that we can only earn and achieve this level of quality by doing training in-person. We’re fully aware of the availability of technological mechanisms that would allow us to teach remotely, mimicking a class environment… but even if it gets close, it would not be the same as being physically present in the room. We find that in-person classes simply make it easier to get complex things across. It improves the ability to engage directly and promptly with the students, to detect when someone is struggling to keep up, to interact with participants 1-on-1, to stimulate rich group discussions and exercises that involve multiple people teaming up and working together. Of course, we’re also concerned about being able to maintain the regular pace of the class on one hand (covering everything we’d like to cover in the available time) vs preserving the quality of the knowledge transfer. Finally, we don’t want to bother with bandwidth issues either or to realize that attendees are recording the live stream and are selling our class material or sharing it with others.

Put simple: Quality > Quantity.

Videos or online classes just don’t cut it for us. We’re concerned that it would affect the quality (and pace) of knowledge transfer, and this is a risk we’re not willing to take.

We’re dead serious about our quality commitment. Our post-training support system, unique in the industry, provides you / your employer) with important investment protection. We understand that people may still have questions after the class has finished. Some people simply require a bit more time than others when having to digest a larger volume of information, that’s normal. We don’t expect anyone to be an expert at exploit development as soon as the class ends, that would not be realistic at all. It takes practice to get better at it, and we’re fully aware of that.

If you take one of our classes, we will help you, even after the class has ended. Again, we care about quality, more than quantity.

If you’re still in doubt about our classes, please check out our student feedback page here: https://www.corelan-training.com/index.php/testimonials/

We look forward to welcoming you to one of our classes soon! 🙂

We need your help!

From the bottom of our hearts, we’d sincerely appreciate any help to spread the word about our updated schedules, our classes, by sharing this message into your network!

We teach classes full time, and COVID19 is clearly affecting our business.

Don’t forget to follow us on Facebook (@corelanconsulting), LinkedIn and Twitter (@corelanconsult / @corelanc0d3r) for updates

Thank you