EXP-401 is a highly intensive course. During the live training, instructors will cover a wide range of advanced topics at a fast pace.
To make the most of your learning experience, we strongly recommend reviewing the hardware requirements in advance and preparing by reading the suggested articles below. This will help you stay focused during class and ensure you're ready to engage with the material effectively.
Pre-Requisites
Learners should have experience in developing Windows exploits and be proficient in operating a debugger. Familiarity with WinDbg, x86_64 assembly, IDA Pro, and basic C/C++ programming is highly recommended. A strong willingness to work and dedicate real effort will greatly aid in success in this security training course.
Hardware Requirements
We will be distributing VMware-based Virtual Machines for use in the course labs, so be sure to have a USB port for transferring them to your hard drive.
Please ensure you have at least 200 GB of free usable storage on your system and are running at least the Windows 11 Professional edition. Windows Home versions will not work. Ensure that Hyper-V is enabled on your host operating system and Hyper-V Manager is installed. We recommend a modern system with a 64-bit CPU (IMPORTANT!) with a minimum of 4 cores supporting NX, SMEP, and VT-x/EPT functionalities, a minimum of 16 GB of RAM, wired and wireless network support, and USB 2.0 support or better. It is IMPORTANT to note that the CPU functionalities are mandatory, as the modules covered in this course will not function properly on CPUs that do not support the required features listed above. Please, no netbooks. You will have a horrible time debugging code at 800x600.
Depending on your operating system, SMEP, VT-d/IOMMU and VT-x/EPT support may be verified by using the following software/commands:
- Windows: Coreinfo from SysInternals
The fields VMX and SMEP must be present/enabled. Note that the features may have to be enabled in BIOS.
In addition to the distributed virtual machines, you will also need a 64-bit virtual machine running Kali Linux. You can download our Kali Hyper-V image from our custom Kali Linux Images page.
Summary:
- A 64-bit laptop or desktop computer running the latest version of Windows 11 (Pro or above, no Home version)
- USB port
- Administrative access to the operating system
- Latest version of Hyper-V Manager
- A minimum of 16 GB of RAM and 4 cores
- A minimum of 200 GB free HDD space
- The CPU of the machine needs to support the following: SMEP, VT-d/IOMMU and VT-x/EPT
- The CPU features can be verified using the Coreinfo tool from the SysInternals Suite
- The SMEP and VMX CPU features may have to be enabled in the BIOS
Recommended Reading
The recommended reading below provides essential background knowledge:
- Bypassing DEP
- More on DEP Bypassing
- Bypassing ASLR
- Sandbox
- Win10 Mitigations Improvements
- Microsoft Edge Mitigations
- Bypassing CFG
- More on Bypassing Microsoft Edge Mitigations
- Type Confusion Vulnerabilities
- Kernel Exploitation
- x64 Architecture
- More on the x64 Architecture
- Virtual Memory and Address Translation
- Windows SMEP Bypass
What will I receive as a learner that has signed up for EXP-401?
- A list of recommended readings prior to class to help you prepare
- Access to a private class-specific Discord channel for personalized support
- A physical copy of the course book when you arrive at class; we do not permit this to be shared digitally
- Access to the slide deck that the trainers use in class, to assist in studying after class is complete
- All of the code that was run in class as part of the training, provided after class is complete