Advanced Exploit Development for Penetration Testers: SEC760
You will learn the skills required to reverse-engineer applications to find vulnerabilities, perform remote user application and kernel debugging, analyze patches for one-day exploits, perform advanced fuzzing, and write complex exploits against targets such as the Windows kernel and the modern Linux heap, all while circumventing or working with against cutting-edge exploit mitigation.
Vulnerabilities in modern operating systems such as Microsoft Windows 10 and 11, and the latest Linux distributions are often very complex and subtle. Yet, when exploited by very skilled attackers, these vulnerabilities can undermine an organization's defenses and expose it to significant damage. Few security professionals have the skillset to discover why a complex vulnerability exists and how to write an exploit to compromise it. Conversely, attackers must maintain this skillset regardless of the increased complexity. SANS SEC760: Advanced Exploit Development for Penetration Testers teaches the skills required to reverse-engineer applications to find vulnerabilities, perform remote user application and kernel debugging, analyze patches for one-day exploits, perform advanced fuzzing, and write complex exploits against targets such as the Windows kernel and the modern Linux heap, all while circumventing or working with against cutting-edge exploit mitigations.
Ways to Learn
- Live Online: Live, interactive sessions with SANS instructors over the course of one or more weeks, at times convenient to students worldwide.
- In Person (6 days): Training events and topical summits feature presentations and courses in classrooms around the world.
Who should attend SEC760?
- Senior network and system penetration testers with exploit development experience
- Secure application developers (C and C++)
- Reverse-engineering professionals
- Senior incident handlers with exploit development experience
- Senior threat analysts with exploit development experience
- Vulnerability researchers
- Security researchers
