Offsec EXP-301: Windows User Mode Exploit Development

  • CategoryOther
  • TypeTutorials
  • LanguageEnglish
  • Total size2.6 GB
  • Uploaded Byhazing4864
  • Downloads290
  • Last checkedJan. 02nd '26
  • Date uploadedDec. 26th '25
  • Seeders 19
  • Leechers2

Infohash : 441384269579771BAD49166B8D2E960326D9A28F



Year - 2022/2023

EXP-301 (Windows User Mode Exploit Development) is an intermediate course on modern exploit development techniques. Learners gain hands-on experience crafting custom exploits and bypassing security defenses designed to elevate their skills in ethical hacking and vulnerability discovery. It will also provide an introduction to reverse engineering binary applications to help locate vulnerabilities. Completion of this course will prove the learner's expertise in advanced exploit development techniques, including reverse engineering, writing shellcode, and bypassing modern mitigations, making certified professionals invaluable for identifying and addressing vulnerabilities in software applications.

Files:

VIDEOS EXP-301
  • 0.EXP301-COPY_00_00-Copyright.mp4 (995.4 KB)
  • 1.EXP301-WINDBG_00_00-WinDbg and x86 Architecture.mp4 (789.2 KB)
  • 10.EXP301-WINDBG_03_00-Accessing and Manipulating Memory from WinDbg.mp4 (770.3 KB)
  • 100.EXP301-SHELL_05_02-Position-Independent Shellcode.mp4 (17.0 MB)
  • 101.EXP301-SHELL_06_00-Reverse Shell.mp4 (2.6 MB)
  • 102.EXP301-SHELL_06_01-Loading ws2_32.dll and Resolving Symbols.mp4 (15.8 MB)
  • 103.EXP301-SHELL_06_02-Calling WSAStartup.mp4 (18.0 MB)
  • 104.EXP301-SHELL_06_03-Calling WSASocket.mp4 (14.3 MB)
  • 105.EXP301-SHELL_06_04-Calling WSAConnect.mp4 (22.9 MB)
  • 106.EXP301-SHELL_06_05-Calling CreateProcessA.mp4 (25.7 MB)
  • 107.EXP301-SHELL_07_00-Wrapping Up.mp4 (1.2 MB)
  • 108.EXP301-REV_00_00-Reverse Engineering for Bugs.mp4 (4.7 MB)
  • 109.EXP301-REV_01_00-Installation and Enumeration.mp4 (1.0 MB)
  • 11.EXP301-WINDBG_03_01-Unassemble from Memory.mp4 (3.1 MB)
  • 110.EXP301-REV_01_01-Installing Tivoli Storage Manager.mp4 (5.4 MB)
  • 111.EXP301-REV_01_02-Enumerating an Application.mp4 (9.5 MB)
  • 112.EXP301-REV_02_00-Interacting with Tivoli Storage Manager.mp4 (3.1 MB)
  • 113.EXP301-REV_02_01-Hooking the recv API.mp4 (9.8 MB)
  • 114.EXP301-REV_02_02-Synchronizing WinDbg and IDA Pro.mp4 (18.7 MB)
  • 115.EXP301-REV_02_03-Tracing the Input.mp4 (9.8 MB)
  • 116.EXP301-REV_02_04-Checksum Please.mp4 (89.0 MB)
  • 117.EXP301-REV_03_00-Reverse Engineering the Protocol.mp4 (1.4 MB)
  • 118.EXP301-REV_03_01-Header-Data Separation.mp4 (58.5 MB)
  • 119.EXP301-REV_03_02-Reversing the Header.mp4 (54.7 MB)
  • 12.EXP301-WINDBG_03_02-Reading from Memory.mp4 (5.2 MB)
  • 120.EXP301-REV_03_03-Exploiting Memcpy.mp4 (24.7 MB)
  • 121.EXP301-REV_03_04-Getting EIP Control.mp4 (17.1 MB)
  • 122.EXP301-REV_04_00-Digging Deeper to Find More Bugs.mp4 (1.3 MB)
  • 123.EXP301-REV_04_01-Switching Execution.mp4 (25.8 MB)
  • 124.EXP301-REV_04_02-Going Down 0x534.mp4 (55.7 MB)
  • 125.EXP301-REV_05_00-Wrapping Up.mp4 (964.7 KB)
  • 126.EXP301-DEP_00_00-Stack Overflows and DEP Bypass.mp4 (1.5 MB)
  • 127.EXP301-DEP_01_00-Data Execution Prevention.mp4 (1,015.0 KB)
  • 128.EXP301-DEP_01_01-DEP Theory.mp4 (12.4 MB)
  • 129.EXP301-DEP_01_02-Windows Defender Exploit Guard.mp4 (17.8 MB)
  • 13.EXP301-WINDBG_03_03-Dumping Structures from Memory.mp4 (9.7 MB)
  • 130.EXP301-DEP_02_00-Return Oriented Programming.mp4 (1.8 MB)
  • 131.EXP301-DEP_02_01-Origins of Return Oriented Programming Exploitation.mp4 (4.0 MB)
  • 132.EXP301-DEP_02_02-Return Oriented Programming Evolution.mp4 (10.2 MB)
  • 133.EXP301-DEP_03_00-Gadget Selection.mp4 (1.4 MB)
  • 134.EXP301-DEP_03_01-Debugger Automation Pykd.mp4 (35.8 MB)
  • 135.EXP301-DEP_03_02-Optimized Gadget Discovery RP.mp4 (7.6 MB)
  • 136.EXP301-DEP_04_00-Bypassing DEP.mp4 (1.9 MB)
  • 137.EXP301-DEP_04_01-Getting The Offset.mp4 (18.4 MB)
  • 138.EXP301-DEP_04_02-Locating Gadgets.mp4 (8.5 MB)
  • 139.EXP301-DEP_04_03-Preparing the Battlefield.mp4 (9.2 MB)
  • 14.EXP301-WINDBG_03_04-Writing to Memory.mp4 (2.1 MB)
  • 140.EXP301-DEP_04_04-Making ROPs Acquaintance.mp4 (15.6 MB)
  • 141.EXP301-DEP_04_05-Obtaining VirtualAlloc Address.mp4 (51.5 MB)
  • 142.EXP301-DEP_04_06-Patching the Return Address.mp4 (31.0 MB)
  • 143.EXP301-DEP_04_07-Patching Arguments.mp4 (37.6 MB)
  • 144.EXP301-DEP_04_08-Executing VirtualAlloc.mp4 (21.2 MB)
  • 145.EXP301-DEP_04_09-Getting a Reverse Shell.mp4 (8.9 MB)
  • 146.EXP301-DEP_05_00-Wrapping Up.mp4 (1.3 MB)
  • 147.EXP301-ASLR_00_00-Stack Overflows and ASLR Bypass.mp4 (1.2 MB)
  • 148.EXP301-ASLR_01_00-ASLR Introduction.mp4 (1.0 MB)
  • 149.EXP301-ASLR_01_01-ASLR Implementation.mp4 (2.8 MB)
  • 15.EXP301-WINDBG_03_05-Searching the Memory Space.mp4 (8.7 MB)
  • 150.EXP301-ASLR_01_02-ASLR Bypass Theory.mp4 (9.0 MB)
  • 151.EXP301-ASLR_01_03-Windows Defender Exploit Guard and ASLR.mp4 (11.9 MB)
  • 152.EXP301-ASLR_02_00-Finding Hidden Gems.mp4 (1.8 MB)
  • 153.EXP301-ASLR_02_01-FXCLI_DebugDispatch.mp4 (20.9 MB)
  • 154.EXP301-ASLR_02_02-Arbitrary Symbol Resolution.mp4 (32.7 MB)
  • 155.EXP301-ASLR_02_03-Returning the Goods.mp4 (49.8 MB)
  • 156.EXP301-ASLR_03_00-Expanding our Exploit (ASLR Bypass).mp4 (1.5 MB)
  • 157.EXP301-ASLR_03_01-Leaking an IBM Module.mp4 (13.0 MB)
  • 158.EXP301-ASLR_03_02-Is That a Bad Character.mp4 (18.0 MB)
  • 159.EXP301-ASLR_04_00-Bypassing DEP with WriteProcessMemory.mp4 (1.3 MB)
  • 16.EXP301-WINDBG_03_06-Inspecting and Editing CPU Registers in WinDbg.mp4 (1.9 MB)
  • 160.EXP301-ASLR_04_01-WriteProcessMemory.mp4 (55.0 MB)
  • 161.EXP301-ASLR_04_02-Getting Our Shell.mp4 (24.4 MB)
  • 162.EXP301-ASLR_04_03-Handmade ROP Decoder.mp4 (40.5 MB)
  • 163.EXP301-ASLR_04_04-Automating the Shellcode Encoding.mp4 (5.0 MB)
  • 164.EXP301-ASLR_04_05-Automating the ROP Decoder.mp4 (41.3 MB)
  • 165.EXP301-ASLR_05_00-Wrapping Up.mp4 (1.4 MB)
  • 166.EXP301-FSSA1_00_00-Format String Specifier Attack Part I.mp4 (1.8 MB)
  • 167.EXP301-FSSA1_01_00-Format String Attacks.mp4 (499.7 KB)
  • 168.EXP301-FSSA1_01_01-Format String Theory.mp4 (5.9 MB)
  • 169.EXP301-FSSA1_01_02-Exploiting Format String Specifiers.mp4 (17.3 MB)
  • 17.EXP301-WINDBG_04_00-Controlling the Program Execution in WinDbg.mp4 (1.3 MB)
  • 170.EXP301-FSSA1_02_00-Attacking IBM Tivoli FastBackServer.mp4 (1.2 MB)
  • 171.EXP301-FSSA1_02_01-Investigating the EventLog Function.mp4 (15.3 MB)
  • 172.EXP301-FSSA1_02_02-Reverse Engineering a Path.mp4 (31.4 MB)
  • 173.EXP301-FSSA1_02_03-Invoke the Specifiers.mp4 (20.4 MB)
  • 174.EXP301-FSSA1_03_00-Reading the Event Log.mp4 (1.1 MB)
  • 175.EXP301-FSSA1_03_01-The Tivoli Event Log.mp4 (25.1 MB)
  • 176.EXP301-FSSA1_03_02-Remote Event Log Service.mp4 (36.0 MB)
  • 177.EXP301-FSSA1_03_03-Read From an Index.mp4 (51.4 MB)
  • 178.EXP301-FSSA1_03_04-Read From the Log.mp4 (25.3 MB)
  • 179.EXP301-FSSA1_03_05-Return the Log Content.mp4 (15.2 MB)
  • 18.EXP301-WINDBG_04_01-Software Breakpoints.mp4 (10.4 MB)
  • 180.EXP301-FSSA1_04_00-Bypassing ASLR with Format Strings.mp4 (1.1 MB)
  • 181.EXP301-FSSA1_04_01-Parsing the Event Log.mp4 (32.8 MB)
  • 182.EXP301-FSSA1_04_02-Leak Stack Address Remotely.mp4 (24.3 MB)
  • 183.EXP301-FSSA1_04_03-Saving the Stack.mp4 (5.6 MB)
  • 184.EXP301-FSSA1_04_04-Bypassing ASLR.mp4 (45.0 MB)
  • 185.EXP301-FSSA1_05_00-Wrapping Up.mp4 (1.3 MB)
  • 186.EXP301-FSSA2_00_00-Format St

Code:

  • udp://tracker.leechers-paradise.org:6969/announce
  • udp://tracker.coppersurfer.tk:6969/announce
  • udp://tracker.opentrackr.org:1337/announce
  • udp://tracker.zer0day.to:1337/announce
  • udp://eddie4.nl:6969/announce