Zero-Day Exploit Development Course
This zero-day exploit development course covers key techniques, including fuzzing and buffer overflows, with real-world applications. Previously featured on the OSCP exam, itβs perfect for beginners exploring exploit development in ethical hacking.

What Youβll Learn
This exploit development course will teach you:
- Buffer Overflow Attacks: Master the essential exploit technique previously featured in the OSCP exam.
- Post-Exploitation: Develop shellcode and reverse/bind shells for practical post-exploitation scenarios.
- Tor-over-VPN: Conceal reconnaissance and offensive operations with Tor-over-VPN.
- ROP-Chaining: Defeat Data Execution Prevention with return-oriented programming (ROP) techniques.
- Fuzzing Applications: Learn how to discover vulnerabilities through fuzzing.
- Rpivot for Pivoting: Learn how to pivot from one compromised system to another using rpivot.exe.
- Egghunters: Understand and use egghunters to handle limited buffer space in advanced exploitation.
- Shell Passing: Learn offensive techniques to pass shells between compromised systems and a home PC.
Included in the Zero-Day Exploit Development Course
Suitable for the Following Careers
Course Content
Introduction
Full Walkthrough 1: LibHTTPD1.2
Full Walkthrough 2: SLMail 5.5
Full Walkthrough 3: Crossfire
Full Walkthrough 4: Egghunters (not OSCP exam required)
Shell-passing
Tor-over-VPN
rpivot.exe
Offensive Proxy ARP Bridges
Teaser: New Course In the Making: Advanced Exploit Development (name tentative)
OPEN FULL CURRICULUM
Requirements
Description of the Zero-Day Exploit Development Course
This beginner-friendly course will teach you the essentials of exploit development, including how to perform fuzzing and buffer overflow attacks. You'll gain hands-on experience in offensive techniques such as reverse and bind shells, post-exploitation tactics, and pivoting through compromised systems. You'll also explore essential tools like GDB-PEDA, Immunity Debugger, and Evanβs Debugger to craft and deploy custom exploits.
By the end of the course, you'll have a strong foundation in fuzzing, buffer overflows, shellcode development, and more advanced techniques like ROP-chaining. This course covers the types of buffer overflows previously featured in the OSCP exam, equipping you with practical skills applicable to penetration testing.
- Key exploit development techniques for beginners
- Understanding and applying fuzzing and buffer overflow attacks
- Utilizing tools like Immunity Debugger, GDB, and edb
- Crafting and deploying custom shellcode for Windows and Linux
- Introduction to advanced techniques like ROP-chaining and egghunters
By the end of this exploit development course, you'll have a solid foundation in zero-day exploit development and be prepared to dive deeper into this specialization.
Who Is This Course For
This course is designed for software engineers, penetration testers, and anyone looking to build expertise in exploit development and reverse engineering. It's suitable for both beginners and more experienced professionals interested in fuzzing, buffer overflows, and shellcode development.
Course Instructor
Chang "Slayer-Ranger" Tan is a software engineer specializing in front-end web applications with a strong focus on a security-centered software development lifecycle using the spiral methodology. He is an AWS Certified Cloud Practitioner and is working towards becoming an AWS Certified Solutions Architect (Associate), AWS Certified DevOps Engineer, and Certified Kubernetes Administrator (CKA), with future goals of obtaining Offensive Security certifications.
Chang volunteered as an instructor at DEFCON 27 (2019) in the Red Team Village for Exploit Development, where he helped validate approximately 90 new exploit developers over three to four days. He has also reverse-engineered multiple front-end web applications by analyzing downloadable front-end code to infer back-end functionality and design, often working under contracts and non-disclosure agreements to maintain confidentiality.
Read More
Read Less
Testimonials

Oliver Q.
This course exceeded my expectations. The step-by-step breakdown of complex topics like ROP-Chaining and buffer overflow attacks made everything easy to understand.

Kevin T.
A fantastic introduction to exploit development! The content is well-paced, and I especially appreciated the coverage of advanced topics like SSH tunneling.

John S.
An excellent blend of theory and practice. I loved the practical approach to fuzzing, debugging, and post-exploitation. Not required now for OSCP, but really useful for real-world skill development.
Show More
Show Less