Kolja and Felipe - Binary Exploitation on Windows - DCTLV2025 **4-Day Training**
**Please note: This is a four-day training that will be held Saturday-Tuesday (August 9-12). Participants will receive DEF CON Human Badge with their registration**
Name of Training: Binary Exploitation on Windows
Trainer(s): Kolja and Felipe
Dates: August 9-12, 2025 **4-day training**
Time: 8:00 am to 5:00 pm PT
Venue: Las Vegas Convention Center
Cost: $4200
Course Description:
This four-day intensive training is designed to guide participants from foundational reverse engineering to advanced exploitation techniques on Windows systems, culminating in hands-on real-world applications.
Day 1: Basics of Reverse Engineering
Kick off with an introduction to tools like x64dbg and Ghidra, while refreshing your knowledge of computer architecture and assembly. Through demos and challenges, you'll solidify your skills in analyzing binaries, understanding program behavior and identifying memory corruptions.
Day 2: Basics of PWNing
Learn to combine reverse engineering with exploit development. Explore pwntools for crafting exploits, write shellcode, and build your first stack-smashing exploit for Windows through guided exercises and challenges.
Day 3: Advanced PWNing
Dive into bypassing modern mitigations such as Stack Canaries, SEH, ASLR, and mastering ROP techniques. Hone your skills with practical challenges tailored to simulate real-world vulnerabilities.
Day 4: The Real World
Apply your knowledge to exploit your first real-world application or analyze modern Windows exploit proof-of-concepts. Gain insights into advanced bug classes, Control Flow Integrity (CFI), and more.
The final goal is for you to write an exploit for a VirtualBox VM escape n-day utilizing what you have learned!
Course Outline:
Day 1: Fundamentals of Reverse Engineering
- Introduction: "Why This Matters?" & "Who Am I?"
- Virtual Machine Setup & Initial Tool Tests
- Refresher: Computer Architecture and Assembly Language
- Introduction to x64dbg
- Introduction to Ghidra
- Hands-On with Ghidra
- Lab + Q&A Session
Day 2: Fundamentals of Exploitation (PWNing)
- Recap Day 1
- Introduction to Pwntools
- Combined Challenge: Reversing, Debugging, and Pwntools
- Shellcode Development
- Smashing the Stack
- Lab + Q&A Session
Day 3: Advanced Exploitation Techniques
- Bypassing Stack Canaries
- Structured Exception Handling (SEH) Exploitation
- Address Space Layout Randomization (ASLR)
- Return-Oriented Programming (ROP) Introduction
- Advanced ROP Challenges
- Lab + Q&A Session
Day 4: Real-World Exploitation
- Recap of the Week
- Control Flow Integrity (CFI) & Bug Classes
- Introduction to Emerging Bug Classes
- Real World Hacking Session (Introduction)
- Real World Hacking Session (Lab)
- Real World Hacking Session (Solution)
- Final Recap & Q&A
Difficulty Level:
Intermediate to Advanced
Suggested Prerequisites:
- Basic knowledge of operating system design (virtual memory etc.)
- Basic skills in x86 assembly programming
What Students Should Bring:
Participants should bring a laptop with a modern browser access to cloud VMs.
Trainer(s) Bio:
Felipe (Lead Trainer), aka localo, is a skilled and accomplished hacker renowned for his proficiency in developing memory corruption exploits. With a solid track record, he has consistently excelled in major hacking competitions such as Pwn2Own, showcasing his ability to identify and exploit vulnerabilities effectively. Felipe has earned major bug bounties and has impactful vulnerabilities to his name.
Kolja (Support Trainer) works as a Security Researcher and Trainer at Neodyme. He specializes on Windows and Active Directory security. He has found Vulnerabilities in widely used security products and has extensive Pentesting and Red Teaming experience.
Registration Terms and Conditions:
Trainings are refundable before July 8, 2025, minus a non-refundable processing fee of $250.
Trainings are non-refundable after July 8, 2025.
Training tickets may be transferred. Please email us at training@defcon.org for specifics.
If a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).
Failure to attend the training without prior written notification, will be considered a no-show. No refund will be given.
By purchasing this ticket you agree to abide by the DEF CON Training Code of Conduct and the registration terms and conditions listed above.
Several breaks will be included throughout the day. Please note that food is not included.
All courses come with a certificate of completion, contingent upon attendance at all course sessions.
Training Justification Request – DEF CON Training
To: [Manager Name]
From: [Employee Name]
Date: [Date]
Subject: Business Justification for Attendance at DEF CON Training
Dear [manager’s name],
I am requesting approval to attend DEF CON Training, one of the cybersecurity industry's most recognized technical training programs. I’ve reviewed the options and selected a course to expand my skills with [1-2 key skills focus areas for the course].
DEF CON has been one of the world’s leading cybersecurity communities for more than three decades, known for convening industry, government, and independent experts to exchange advanced knowledge and practical skills. Building on this tradition, DEF CON Training delivers intensive courses taught by recognized global instructors. DEF CON Training courses offer hands-on instruction in a challenging, fast-paced environment. Many of the courses offered by DEF CON Training align with the National Institute of Standards and Technology (NIST) NICE Framework and Department of Defense Cyber Workforce Framework (DCWF), and attending this course will help me build and sharpen the skills required for my role.
Training: [Name of DEF CON Training Course]
Instructor/Provider: [Trainer Name(s)]
Dates: [Training Dates]
Location: Las Vegas, NV
Cost: [Course Fee]
Travel Expenses: [estimated travel & accommodations costs]
Course Description: [Copy short description of the selected class from the website here]
Trainer Bio: [Copy bio of the trainers of the selected class from the website here]
Once I’ve completed the course, I’ll be able to:
[copy student outcomes from course page where available or choose 3-4 skills or topic areas from the outline that are applicable to your current role, will help you fill a skill gap, etc.]
Business Need
As cyber threats continue to evolve, it is critical that our organization maintains current knowledge of emerging techniques and industry best practices. The selected DEF CON training aligns directly with my responsibilities in [your role/field here - for example, security operations, incident response, threat detection and hunting, application security, cloud security, risk management, security engineering].
The course will provide practical, hands-on experience that can be immediately applied to our environment and security initiatives. DEF CON training emphasizes real-world attack and defense scenarios, enabling participants to develop skills that extend beyond traditional classroom learning.
Request for Approval
I respectfully request approval and funding to attend DEF CON Training this August in Las Vegas. The knowledge, hands-on experience, and industry insights gained will directly support our cybersecurity objectives and contribute to strengthening our organization's security capabilities.
Thank you for your consideration. Please let me know if you have questions or need additional information to support this request.
Sincerely,
[Employee name]