Windows Exploit Development Basics | 20% | x86/x64 Windows memory layout, PE format, debugger usage, calling conventions
Stack-Based Buffer Overflows | 25% | EIP control, offset calculation, bad character analysis, JMP ESP, shellcode placement
SEH-Based Exploits | 20% | Structured Exception Handler overwrite, SafeSEH bypass, nSEH short jump, pop-pop-ret chains
Egghunter Techniques | 10% | Small buffer shellcode stagers, NtAccessCheckAndAuditAlarm egghunter, tagging
Custom Shellcode Development | 15% | x86 assembly, NASM, shellcode encoding, null-byte avoidance, GetProcAddress technique
Format String Vulnerabilities | 10% | Format string read/write primitives, %n exploitation, DWORD overwrite on Windows