Exploit Development

Part I

This intensive 3-day course provides cybersecurity professionals with the foundational and practical skills required to master exploit development on Linux systems. Through guided labs and structured exercises, participants will learn how low-level memory vulnerabilities can be transformed into working exploits, gaining control over binary execution flow.

The training begins with core concepts such as stack frames, heap behavior, and CPU registers, before progressing into practical exploitation of buffer overflows. By examining real-world vulnerabilities alongside controlled lab binaries, students will understand how mitigations like ASLR, NX, stack canaries, and PIE are bypassed in practice.

Participants will gain hands-on experience using professional-grade tooling, including GDB, and GEF while dissecting ELF binaries with utilities such as objdump and readelf. Special emphasis is placed on analyzing memory layouts, crafting shellcode, and leveraging compilation flags to recreate vulnerable scenarios.

By the end of the course, students will be able to confidently analyze crashes, trace execution flow at the assembly level, and write proof-of-concept exploits. The course bridges theory with practice, equipping red teamers, vulnerability researchers, and defenders with a deep understanding of binary exploitation that remains highly relevant in today’s offensive and defensive operations.

Course curriculum

    1. Day 1 Part I

    2. Day 1 Part II

About this course

Requirements

While not mandatory, it is recommended that participants have the following tools installed to fully engage with the hands-on exercises:

  • Ubuntu System x32
  • Kali Linux
  • GEF Plugin

These tools will enhance your ability to work effectively with the course materials and practical exercises.