Zero-Day Exploit Development Course

This zero-day exploit development course covers key techniques, including fuzzing and buffer overflows, with real-world applications. Previously featured on the OSCP exam, it’s perfect for beginners exploring exploit development in ethical hacking.

4.0
β˜…β˜…β˜…β˜…
(540)
1,300 Students
4 Hours
Stage 5 - Advanced

Last update: May 2020

Focus: Exploit Development Courses, Python Hacking Courses, Python Courses, Penetration Testing Training Courses, Programming Courses

Audio Language: English

Subtitles/Captions: Yes

Type of Training: Online, self-paced

Caption Language: English

What You’ll Learn

This exploit development course will teach you:

  • Buffer Overflow Attacks: Master the essential exploit technique previously featured in the OSCP exam.
  • Post-Exploitation: Develop shellcode and reverse/bind shells for practical post-exploitation scenarios.
  • Tor-over-VPN: Conceal reconnaissance and offensive operations with Tor-over-VPN.
  • ROP-Chaining: Defeat Data Execution Prevention with return-oriented programming (ROP) techniques.
  • Fuzzing Applications: Learn how to discover vulnerabilities through fuzzing.
  • Rpivot for Pivoting: Learn how to pivot from one compromised system to another using rpivot.exe.
  • Egghunters: Understand and use egghunters to handle limited buffer space in advanced exploitation.
  • Shell Passing: Learn offensive techniques to pass shells between compromised systems and a home PC.

Included in the Zero-Day Exploit Development Course

4 Hours of On-Demand Video

10+ Downloadable Resources

5 Projects

Access on Mobile

Certificate of Completion

Suitable for the Following Careers

Exploit Developer

Penetration Tester

Security Engineer

Network Engineer

Software Developer

Course Content

Training Overview

icon-yt Description of Training Preview
icon-yt Video Overview Preview

Introduction

icon-yt Introduction Preview
icon-yt Additional Modules Preview
icon-yt Course Remastering Notice Due to Changes in Kali Linux 2020.1 Preview
icon-yt Installing KVM and Kali Linux on Ubuntu 18.04 Preview
icon-yt Installing Kali Linux 2020.1 on Windows using VMWare and Reenabling Root Users Preview
icon-yt Introducing the Course Pack (Learning Materials) Preview
icon-yt Breaking the Ice for Exploit Development Preview
icon-yt The Exploit Development Process Preview

Full Walkthrough 1: LibHTTPD1.2

icon-yt GDB-PEDA Debugger/Exploit Development Extension Installation Preview
icon-yt Controlling EIP Preview
icon-yt Writing our proof-of-concept Preview
icon-yt Foreword on Bad Character Analysis for the OSCP Exam Preview
icon-yt Bad Character Analysis Preview
icon-yt Successful exploitation Preview

Full Walkthrough 2: SLMail 5.5

Full Walkthrough 3: Crossfire

Full Walkthrough 4: Egghunters (not OSCP exam required)

Shell-passing

Tor-over-VPN

rpivot.exe

Offensive Proxy ARP Bridges

Teaser: New Course In the Making: Advanced Exploit Development (name tentative)

OPEN FULL CURRICULUM

Requirements

Basic Linux commands

Ability to run a virtual machine

Description of the Zero-Day Exploit Development Course

This beginner-friendly course will teach you the essentials of exploit development, including how to perform fuzzing and buffer overflow attacks. You'll gain hands-on experience in offensive techniques such as reverse and bind shells, post-exploitation tactics, and pivoting through compromised systems. You'll also explore essential tools like GDB-PEDA, Immunity Debugger, and Evan’s Debugger to craft and deploy custom exploits.

By the end of the course, you'll have a strong foundation in fuzzing, buffer overflows, shellcode development, and more advanced techniques like ROP-chaining. This course covers the types of buffer overflows previously featured in the OSCP exam, equipping you with practical skills applicable to penetration testing.

  • Key exploit development techniques for beginners
  • Understanding and applying fuzzing and buffer overflow attacks
  • Utilizing tools like Immunity Debugger, GDB, and edb
  • Crafting and deploying custom shellcode for Windows and Linux
  • Introduction to advanced techniques like ROP-chaining and egghunters

By the end of this exploit development course, you'll have a solid foundation in zero-day exploit development and be prepared to dive deeper into this specialization.

Who Is This Course For

This course is designed for software engineers, penetration testers, and anyone looking to build expertise in exploit development and reverse engineering. It's suitable for both beginners and more experienced professionals interested in fuzzing, buffer overflows, and shellcode development.

Course Instructor

Chang Tan

Chang "Slayer-Ranger" Tan is a software engineer specializing in front-end web applications with a strong focus on a security-centered software development lifecycle using the spiral methodology. He is an AWS Certified Cloud Practitioner and is working towards becoming an AWS Certified Solutions Architect (Associate), AWS Certified DevOps Engineer, and Certified Kubernetes Administrator (CKA), with future goals of obtaining Offensive Security certifications.

Chang volunteered as an instructor at DEFCON 27 (2019) in the Red Team Village for Exploit Development, where he helped validate approximately 90 new exploit developers over three to four days. He has also reverse-engineered multiple front-end web applications by analyzing downloadable front-end code to infer back-end functionality and design, often working under contracts and non-disclosure agreements to maintain confidentiality.

Read More

Read Less

Testimonials

Anonymous
β˜…β˜…β˜…β˜…β˜…

Oliver Q.

This course exceeded my expectations. The step-by-step breakdown of complex topics like ROP-Chaining and buffer overflow attacks made everything easy to understand.

Anonymous
β˜…β˜…β˜…β˜…β˜…

Kevin T.

A fantastic introduction to exploit development! The content is well-paced, and I especially appreciated the coverage of advanced topics like SSH tunneling.

Anonymous
β˜…β˜…β˜…β˜…β˜…

John S.

An excellent blend of theory and practice. I loved the practical approach to fuzzing, debugging, and post-exploitation. Not required now for OSCP, but really useful for real-world skill development.

Show More

Show Less

Frequently Asked Questions

Students Who Took This Course Also Liked

Unlock Your Cyber Security Future with StationX Membership!

Dive into tailored training, mentorship, and exclusive community support that accelerates your career.

  • 30,000+ Courses and Labs: Hands-on, comprehensive training covering all the skills you need to excel in any role in the field.
  • Pass Certification Exams: Resources and exam simulations that help you succeed with confidence.
  • Mentorship and Career Coaching: Personalized advice, resume help, and interview coaching to boost your career.
  • Community Access: Engage with a thriving community of peers and professionals for ongoing support.
  • Advanced Training for Real-World Skills: Courses and simulations designed for real job scenarios.
  • Exclusive Events and Networking: Join events and exclusive networking opportunities to expand your connections.

TAKE THE NEXT STEP IN YOUR CAREER TODAY!

>

StationX Accelerator Pro

Enter your name and email below, and we’ll swiftly get you all the exciting details about our exclusive StationX Accelerator Pro Program. Stay tuned for more!

StationX Accelerator Premium

Enter your name and email below, and we’ll swiftly get you all the exciting details about our exclusive StationX Accelerator Premium Program. Stay tuned for more!

StationX Master's Program

Enter your name and email below, and we’ll swiftly get you all the exciting details about our exclusive StationX Master’s Program. Stay tuned for more!